CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-51419
https://notcve.org/view.php?id=CVE-2024-51419
30 Oct 2024 — Cross Site Scripting vulnerability in Shenzhen Interconnection Harbor Network Technology Co., Ltd Ofweek Online Exhibition v.1.0.0 allows a remote attacker to execute arbitrary code. La vulnerabilidad de Cross Site Scripting en Shenzhen Interconnection Harbor Network Technology Co., Ltd Ofweek Online Exhibition v.1.0.0 permite a un atacante remoto ejecutar código arbitrario. • https://gist.github.com/475bd8bc21c4f4dfc8f26ce35eb6ca28.git • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-22261 – SQL Injection in Harbor scan log API
https://notcve.org/view.php?id=CVE-2024-22261
10 Jun 2024 — SQL-Injection in Harbor allows priviledge users to leak the task IDs La inyección SQL en Harbour permite a los usuarios con privilegios filtrar los ID de las tareas • https://github.com/goharbor/harbor/security/advisories/GHSA-vw63-824v-qf2j • CWE-566: Authorization Bypass Through User-Controlled SQL Primary Key •
CVSS: 5.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-22244 – Harbor Open Redirect URL
https://notcve.org/view.php?id=CVE-2024-22244
10 Jun 2024 — Open Redirect in Harbor <=v2.8.4, <=v2.9.2, and <=v2.10.0 may redirect a user to a malicious site. Open Redirect en Harbor <=v2.8.4, <=v2.9.2 y <=v2.10.0 puede redirigir a un usuario a un sitio malicioso. • https://github.com/goharbor/harbor/security/advisories/GHSA-5757-v49g-f6r7 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •