CVSS: 9.8 • EPSS: 0% • CPEs: - • EXPL: 0

SQL injection vulnerability in the product_title parameter of entry.php in Flipkart-Clone-PHP version 1.0 allows attackers to execute arbitrary code. • https://github.com/Cosemz/CVE/blob/main/Flipkart-Clone-PHP/Flipkart-Clone-PHP.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVSS: 4.8 • EPSS: 0% • CPEs: - • EXPL: 0

Cross-site scripting vulnerability in Xunrui CMS Public Edition v.4.6.1 allows a remote attacker to execute arbitrary code via the project name function in the project settings tab. • https://github.com/Cosemz/CVE/blob/main/xunruicms/XunRuiCms%20Stored%20XSS%20%28Authenticated%29.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 8.8 • EPSS: 0% • CPEs: - • EXPL: 0

It allows an attacker on the local area network to achieve unauthorized manipulation of resources, which may lead to remote code execution when combined with other issues. • https://www.digi.com/getattachment/Resources/Security/Alerts/Digi-ConnectPort-LTS-Firmware-Update/ConnectPort-LTS-KB.pdf https://www.digi.com/resources/documentation/digidocs/pdfs/90001001.pdf https://www.digi.com/resources/security • CWE-862: Missing Authorization

CVSS: 9.8 • EPSS: 0% • CPEs: - • EXPL: 0

Serviceware Processes 6.0 through 7.3 allows attackers without valid authentication to send a specially crafted HTTP request to a service endpoint resulting in remote code execution. • https://security.serviceware-se.com/CVE-2024-48956 https://serviceware-se.com/platform/serviceware-processes • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVSS: 9.8 • EPSS: 0% • CPEs: - • EXPL: 0

An unauthenticated attacker could send commands through a malicious HTTP request which could result in remote code execution. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-340-02 https://www.planet.com.tw/en/support/downloads?method=keyword&keyword=v1.305b241111 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')