| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-45611 | GLPI has a stored XSS at src/RSSFeed.php | glpi-project | glpi | Medium | 5.7 | 2024-11-15 20:16:18 | Deep Dive |
| CVE-2024-45610 | GLPI has a reflected XSS in ajax/cable.php | glpi-project | glpi | Medium | 6.5 | 2024-11-15 20:14:34 | Deep Dive |
| CVE-2024-45609 | GLPI has a Reflected XSS in /front/stat.graph.php | glpi-project | glpi | Medium | 6.5 | 2024-11-15 20:02:33 | Deep Dive |
| CVE-2024-45608 | GLPI has an Authenticated SQL Injection | glpi-project | glpi | Medium | 6.5 | 2024-11-15 18:24:48 | Deep Dive |
| CVE-2024-43418 | GLPI has multiple reflected XSS | glpi-project | glpi | Medium | 6.5 | 2024-11-15 18:23:32 | Deep Dive |
| CVE-2024-43417 | Reflected XSS in Software form | glpi-project | glpi | Medium | 6.5 | 2024-11-15 18:22:04 | Deep Dive |
| CVE-2024-41679 | Authenticated SQL injection in ticket form | glpi-project | glpi | Medium | 6.5 | 2024-11-15 18:20:44 | Deep Dive |
| CVE-2024-41678 | GLPI has multiple reflected XSS | glpi-project | glpi | Medium | 6.5 | 2024-11-15 18:08:47 | Deep Dive |
| CVE-2024-40638 | GLPI allows account takeover via SQL Injection in AJAX scripts | glpi-project | glpi | High | 8.1 | 2024-11-15 18:06:37 | Deep Dive |
| CVE-2024-47759 | GLPI has a stored XSS via document upload | glpi-project | glpi | - | - | 2024-11-15 17:42:01 | Deep Dive |
| CVE-2024-52554 | Jenkins plugin Shared Library Version Override 安全漏洞 | Jenkins Project | Jenkins Shared Library Version Override Plugin | - | - | 2024-11-13 20:53:04 | Deep Dive |
| CVE-2024-52553 | Jenkins plugin OpenId Connect Authentication 安全漏洞 | Jenkins Project | Jenkins OpenId Connect Authentication Plugin | - | - | 2024-11-13 20:53:03 | Deep Dive |
| CVE-2024-52551 | Jenkins plugin Pipeline:Declarative 安全漏洞 | Jenkins Project | Jenkins Pipeline: Declarative Plugin | - | - | 2024-11-13 20:53:02 | Deep Dive |
| CVE-2024-52552 | Jenkins plugin Authorize Project 安全漏洞 | Jenkins Project | Jenkins Authorize Project Plugin | - | - | 2024-11-13 20:53:02 | Deep Dive |
| CVE-2024-52550 | Jenkins plugin Pipeline:Groovy 安全漏洞 | Jenkins Project | Jenkins Pipeline: Groovy Plugin | - | - | 2024-11-13 20:53:01 | Deep Dive |
| CVE-2024-52549 | Jenkins plugin Script Security 安全漏洞 | Jenkins Project | Jenkins Script Security Plugin | - | - | 2024-11-13 20:53:00 | Deep Dive |
| CVE-2024-10174 | WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts <= 2.6.13 - Insecure Direct Object Reference to Unauthenticated Authorization Bypass | wedevs | Project Manager – AI Powered Project Management, Task Management, Kanban Board & Time Tracker | High | 7.3 | 2024-11-13 03:20:08 | Deep Dive |
| CVE-2024-11059 | Project Worlds Free Download Online Shopping System success.php sql injection | Project Worlds | Free Download Online Shopping System | Medium | 6.3 | 2024-11-10 23:31:05 | Deep Dive |
| CVE-2024-10735 | Project Worlds Life Insurance Management System editNominee.php sql injection | Project Worlds | Life Insurance Management System | Medium | 6.3 | 2024-11-03 14:00:07 | Deep Dive |
| CVE-2024-10734 | Project Worlds Life Insurance Management System editPayment.php sql injection | Project Worlds | Life Insurance Management System | Medium | 6.3 | 2024-11-03 13:00:08 | Deep Dive |