CVSS: 5.9EPSS: 0%CPEs: 3EXPL: 0CVE-2024-28973
https://notcve.org/view.php?id=CVE-2024-28973
Exploitation may lead to information disclosure, session theft, or client-side request forgery Dell PowerProtect DD, versiones anteriores a 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contienen una vulnerabilidad de Cross-Site Scripting Almacenado. • https://www.dell.com/support/kbdoc/en-us/000226148/dsa-2024-219-dell-technologies-powerprotect-dd-security-update-for-multiple-security-vulnerabilities • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-6060
https://notcve.org/view.php?id=CVE-2024-6060
An information disclosure vulnerability in Phloc Webscopes 7.0.0 allows local attackers with access to the log files to view logged HTTP requests that contain user passwords or other sensitive information. • https://sites.google.com/sonatype.com/vulnerabilities/cve-2024-6060 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5019 – WhatsUp Gold LoadCSSUsingBasePath Directory Traversal Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-5019
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Progress Software WhatsUp Gold. ... An attacker can leverage this vulnerability to disclose information in the context of the service account. • https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-June-2024 https://www.progress.com/network-monitoring • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5018 – WhatsUp Gold LoadUsingBasePath Directory Traversal Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-5018
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Progress Software WhatsUp Gold. ... An attacker can leverage this vulnerability to disclose information in the context of the service account. • https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-June-2024 https://www.progress.com/network-monitoring • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5017 – WhatsUp Gold AppProfileImport path traversal vulnerability
https://notcve.org/view.php?id=CVE-2024-5017
A specially crafted unauthenticated HTTP request to AppProfileImport can lead can lead to information disclosure. • https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-June-2024 https://www.progress.com/network-monitoring https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1932 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •