| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-4658 | SQLi in TE Informatics' Nova CMS | TE Informatics | Nova CMS | - | - | 2024-10-10 13:38:18 | Deep Dive |
| CVE-2024-9405 | Pluck 安全漏洞 | Pluck CMS | Pluck CMS | Medium | 5.3 | 2024-10-01 11:22:50 | Deep Dive |
| CVE-2024-9294 | dingfanzu CMS saveNewPwd.php sql injection | dingfanzu | CMS | Medium | 6.3 | 2024-09-27 21:31:04 | Deep Dive |
| CVE-2024-7398 | Concrete CMS Stored XSS Vulnerability in Calendar Event Addition Feature | Concrete CMS | Concrete CMS | - | - | 2024-09-24 21:30:37 | Deep Dive |
| CVE-2024-8291 | Concrete CMS Stored XSS in Image Editor Background Color | Concrete CMS | Concrete CMS | - | - | 2024-09-24 21:17:01 | Deep Dive |
| CVE-2024-8653 | Netcat CMS: multiple reflected cross-site scripting vulnerabilities in netshop module | NetCat | NetCat CMS | - | - | 2024-09-19 16:39:23 | Deep Dive |
| CVE-2024-8652 | Netcat CMS: reflected cross-site scripting in openstat module | NetCat | NetCat CMS | - | - | 2024-09-19 16:35:56 | Deep Dive |
| CVE-2024-8651 | Netcat CMS: user enumeration | NetCat | NetCat CMS | - | - | 2024-09-19 16:30:11 | Deep Dive |
| CVE-2024-46987 | Arbitrary path traversal in Camaleon CMS | owen2345 | camaleon-cms | High | 7.7 | 2024-09-18 17:15:46 | Deep Dive |
| CVE-2024-46986 | Arbitrary file write leading to RCE in Camaleon CMS | owen2345 | camaleon-cms | Critical | 9.9 | 2024-09-18 17:14:09 | Deep Dive |
| CVE-2024-8660 | Stored XSS in the "Top Navigator Bar" block | Concrete CMS | Concrete CMS | 中危 | - | 2024-09-17 18:13:59 | Deep Dive |
| CVE-2024-8661 | Concrete CMS version 9.0.0 to 9.3.3 and below 8.5.19 are vulnerable to Stored XSS in the "Next&Previous Nav" block | Concrete CMS | Concrete CMS | 中危 | - | 2024-09-16 17:37:29 | Deep Dive |
| CVE-2024-45406 | Craft CMS stored XSS in breadcrumb list and title fields | craftcms | cms | Medium | 5.5 | 2024-09-09 16:46:27 | Deep Dive |
| CVE-2024-8572 | Gouniverse GoLang CMS FrontendHandler.go PageRenderHtmlByAlias cross site scripting | Gouniverse | GoLang CMS | Low | 3.5 | 2024-09-08 08:00:05 | Deep Dive |
| CVE-2024-43413 | Xibo CMS XSS vulnerability using DataSet HTML columns | xibosignage | xibo-cms | Low | 3.5 | 2024-09-03 18:52:27 | Deep Dive |
| CVE-2024-43412 | Xibo CMS XSS vulnerability when previewing files uploaded to the library containing HTML/JS | xibosignage | xibo-cms | Medium | 4.6 | 2024-09-03 16:52:24 | Deep Dive |
| CVE-2024-8334 | master-nan Sweet-CMS log.go LogHandler neutralization for logs | master-nan | Sweet-CMS | Medium | 4.3 | 2024-08-30 12:31:05 | Deep Dive |
| CVE-2024-8332 | master-nan Sweet-CMS index sql injection | master-nan | Sweet-CMS | Medium | 6.3 | 2024-08-30 12:00:06 | Deep Dive |
| CVE-2024-8303 | dingfanzu CMS getBasicInfo.php sql injection | dingfanzu | CMS | Medium | 6.3 | 2024-08-29 14:31:04 | Deep Dive |
| CVE-2024-8302 | dingfanzu CMS chpwd.php sql injection | dingfanzu | CMS | Medium | 6.3 | 2024-08-29 14:00:06 | Deep Dive |