-
CVE-2024-50660 – AdPortal File Upload Bypass Arbitrary Code Execution
CVE ID: CVE-2024-50660
Published: Jan. 7, 2025, 6:15 p.m. | 1 hour, 30 minutes ago
Description: File Upload Bypass was found in AdPortal 3.0.39 allows a remote attacker to execute arbitrary code via the file upload functionality
Severity: 0.0 | NA
-
CVE-2024-50659 – iPublish Media Solutions AdPortal Cross-Site Scripting (XSS)
CVE ID: CVE-2024-50659
Published: Jan. 7, 2025, 6:15 p.m. | 1 hour, 30 minutes ago
Description: Cross Site Scripting vulnerability iPublish Media Solutions AdPortal 3.0.39 allows a remote attacker to escalate privileges via the shippingAsBilling parameter in updateuserinfo.html.
Severity: 0.0 | NA
-
CVE-2024-50658 – AdPortal SSTI Vulnerability
CVE ID: CVE-2024-50658
Published: Jan. 7, 2025, 6:15 p.m. | 1 hour, 30 minutes ago
Description: Server-Side Template Injection (SSTI) was found in AdPortal 3.0.39 allows a remote attacker to execute arbitrary code via the shippingAsBilling and firstname parameters in updateuserinfo.html file
Severity: 0.0 | NA
-
CVE-2024-44450 – AIMS eCrew Authorization Bypass Vulnerability
CVE ID: CVE-2024-44450
Published: Jan. 7, 2025, 6:15 p.m. | 1 hour, 30 minutes ago
Description: Multiple functions are vulnerable to Authorization Bypass in AIMS eCrew. The issue was fixed in version JUN23 #190.
Severity: 5.4 | MEDIUM
-
CVE-2025-22621 – Splunk App for SOAR Unauthorized Access Control
CVE ID: CVE-2025-22621
Published: Jan. 7, 2025, 5:15 p.m. | 2 hours, 30 minutes ago
Description: In versions 1.0.67 and lower of the Splunk App for SOAR, the Splunk documentation for that app recommended adding the `admin_all_objects` capability to the `splunk_app_soar` role. This addition could lead to improper access control for a low-privileged user…
-
CVE-2025-22500 – Ali Ali Alpha Price Table For Elementor Cross-site Scripting (XSS)
CVE ID: CVE-2025-22500
Published: Jan. 7, 2025, 5:15 p.m. | 2 hours, 30 minutes ago
Description: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Ali Ali Alpha Price Table For Elementor allows DOM-Based XSS. This issue affects Alpha Price Table For Elementor: from n/a through 1.0.8.
Severity: 6.5 | MEDIUM
-
CVE-2025-22519 – eDoc Easy Tables SQL Injection
CVE ID: CVE-2025-22519
Published: Jan. 7, 2025, 4:15 p.m. | 3 hours, 29 minutes ago
Description: Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in eDoc Intelligence LLC eDoc Easy Tables allows SQL Injection. This issue affects eDoc Easy Tables: from n/a through 1.29.
Severity: 8.5 | HIGH
-
CVE-2025-21624 – ClipBucket PHP File Upload Web Shell Trick Vulnerability
CVE ID: CVE-2025-21624
Published: Jan. 7, 2025, 4:15 p.m. | 3 hours, 29 minutes ago
Description: ClipBucket V5 provides open source video hosting with PHP. Prior to 5.5.1 – 239, a file upload vulnerability exists in the Manage Playlist functionality of the application, specifically surrounding the uploading of playlist cover images. Without proper checks,…
-
CVE-2024-53800 – Rezgo PHP RFI Vulnerability
CVE ID: CVE-2024-53800
Published: Jan. 7, 2025, 4:15 p.m. | 3 hours, 30 minutes ago
Description: Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in Rezgo Rezgo allows PHP Local File Inclusion. This issue affects Rezgo: from n/a through 4.15.
Severity: 8.1 | HIGH
-
CVE-2024-40702 – IBM Cognos Controller TLS Certificate Validation Vulnerability
CVE ID: CVE-2024-40702
Published: Jan. 7, 2025, 4:15 p.m. | 3 hours, 30 minutes ago
Description: IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 could allow an unauthorized user to obtain valid tokens to gain access to protected resources due to improper certificate validation.
Severity: 8.2 | HIGH