CVE ID : CVE-2024-40702 Published : Jan. 7, 2025, 4:15 p.m. | 3 hours, 30 minutes ago Description : IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 could allow an unauthorized user to obtain valid tokens to gain access to protected resources due to improper certificate validation. Severity: 8.2 | HIGH Visit the link for…

CVE ID : CVE-2024-56291 Published : Jan. 7, 2025, 11:15 a.m. | 8 hours, 30 minutes ago Description : Deserialization of Untrusted Data vulnerability in plainware.com PlainInventory allows Object Injection.This issue affects PlainInventory: from n/a through 3.1.6. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more… Go…

CVE ID : CVE-2025-22347 Published : Jan. 7, 2025, 11:15 a.m. | 8 hours, 30 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in BannerSky.com BSK Forms Blacklist allows Blind SQL Injection.This issue affects BSK Forms Blacklist: from n/a through 3.9. Severity: 8.2 | HIGH Visit the link for more details, such as CVSS details, affected…

CVE ID : CVE-2024-56284 Published : Jan. 7, 2025, 11:15 a.m. | 8 hours, 30 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in SSL Wireless SSL Wireless SMS Notification allows SQL Injection.This issue affects SSL Wireless SMS Notification: from n/a through 3.5.0. Severity: 9.3 | CRITICAL Visit…

CVE ID : CVE-2024-56290 Published : Jan. 7, 2025, 11:15 a.m. | 8 hours, 30 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in silverplugins217 Multiple Shipping And Billing Address For Woocommerce allows SQL Injection.This issue affects Multiple Shipping And Billing Address For Woocommerce: from n/a through 1.2.…

CVE ID : CVE-2024-56283 Published : Jan. 7, 2025, 11:15 a.m. | 8 hours, 30 minutes ago Description : Deserialization of Untrusted Data vulnerability in plainware.com Locatoraid Store Locator allows Object Injection.This issue affects Locatoraid Store Locator: from n/a through 3.9.50. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products,…

CVE ID : CVE-2024-56278 Published : Jan. 7, 2025, 11:15 a.m. | 8 hours, 30 minutes ago Description : Improper Control of Generation of Code (‘Code Injection’) vulnerability in Smackcoders WP Ultimate Exporter allows PHP Remote File Inclusion.This issue affects WP Ultimate Exporter: from n/a through 2.9.1. Severity: 9.1 | CRITICAL Visit the link for more details,…

CVE ID : CVE-2024-56280 Published : Jan. 7, 2025, 11:15 a.m. | 8 hours, 30 minutes ago Description : Incorrect Privilege Assignment vulnerability in Amento Tech Pvt ltd WPGuppy allows Privilege Escalation.This issue affects WPGuppy: from n/a through 1.1.0. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and…

CVE ID : CVE-2024-49649 Published : Jan. 7, 2025, 11:15 a.m. | 8 hours, 30 minutes ago Description : Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in Abdul Hakeem Build App Online allows PHP Local File Inclusion.This issue affects Build App Online: from n/a through 1.0.23. Severity: 9.8 |…

CVE ID : CVE-2024-51715 Published : Jan. 7, 2025, 11:15 a.m. | 8 hours, 30 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in ClickWhale ClickWhale – Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages allows Blind SQL Injection.This issue affects ClickWhale –…