Alireza Gharib Blog

CVE ID : CVE-2024-56033 Published : Jan. 2, 2025, 10:15 a.m. | 16 minutes ago Description : Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Think201 FAQs allows Reflected XSS.This issue affects FAQs: from n/a through 1.0.2. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected…

CVE ID : CVE-2024-56032 Published : Jan. 2, 2025, 10:15 a.m. | 16 minutes ago Description : Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Foliovision FV Descriptions allows Reflected XSS.This issue affects FV Descriptions: from n/a through 1.4. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS…

CVE ID : CVE-2024-56030 Published : Jan. 2, 2025, 10:15 a.m. | 16 minutes ago Description : Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in 10CentMail allows Reflected XSS.This issue affects 10CentMail: from n/a through 2.1.50. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products,…

CVE ID : CVE-2024-56029 Published : Jan. 2, 2025, 10:15 a.m. | 16 minutes ago Description : Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Dreamwinner Easy Language Switcher allows Reflected XSS.This issue affects Easy Language Switcher: from n/a through 1.0. Severity: 7.1 | HIGH Visit the link for more details, such…

CVE ID : CVE-2024-56028 Published : Jan. 2, 2025, 10:15 a.m. | 16 minutes ago Description : Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Lemonade Coding Studio Lemonade Social Networks Autoposter Pinterest allows Reflected XSS.This issue affects Lemonade Social Networks Autoposter Pinterest: from n/a through 2.0. Severity: 7.1 | HIGH Visit…

CVE ID : CVE-2024-56027 Published : Jan. 2, 2025, 10:15 a.m. | 16 minutes ago Description : Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in BizSwoop a CPF Concepts, LLC Brand Leads CRM allows Reflected XSS.This issue affects Leads CRM: from n/a through 2.0.13. Severity: 7.1 | HIGH Visit the link for…

CVE ID : CVE-2024-56019 Published : Jan. 2, 2025, 10:15 a.m. | 16 minutes ago Description : Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Gavin Rehkemper Inline Footnotes allows Stored XSS.This issue affects Inline Footnotes: from n/a through 2.3.0. Severity: 6.5 | MEDIUM Visit the link for more details, such as…

CVE ID : CVE-2024-13103 Published : Jan. 2, 2025, 10:15 a.m. | 16 minutes ago Description : A vulnerability, which was classified as critical, has been found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. This issue affects some unknown processing of the file /goform/form2AddVrtsrv.cgi of the component Virtual Service Handler. The manipulation leads to improper access controls. The…

CVE ID : CVE-2024-56829 Published : Jan. 2, 2025, 4:15 a.m. | 6 hours, 16 minutes ago Description : Huang Yaoshi Pharmaceutical Management Software through 16.0 allows arbitrary file upload via a .asp filename in the fileName element of the UploadFile element in a SOAP request to /XSDService.asmx. Severity: 10.0 | CRITICAL Visit the link for more…

CVE ID : CVE-2024-25133 Published : Dec. 31, 2024, 3:15 p.m. | 1 day, 19 hours ago Description : A flaw was found in the Hive ClusterDeployments resource in OpenShift Dedicated. In certain conditions, this issue may allow a developer account on a Hive-enabled cluster to obtain cluster-admin privileges by executing arbitrary commands on the hive/hive-controllers pod.…