A3h1nt/CVEs

A3h1nt/CVEs

Releases0

Stars2

Just CVEs, nothing else.

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-36694 ↗	Dec 18, 2024Wednesday, 18 December 2024, 20:15	7.2 HIGH	—
OpenCart 4.0.2.3 is vulnerable to Server-Side Template Injection (SSTI) via the Theme Editor Function.
CVE-2024-40420 ↗	Jul 17, 2024Wednesday, 17 July 2024, 19:15	—	—
Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2024-36694. Reason: This record is a duplicate of CVE-2024-36694. Notes: All CVE users should reference CVE-2024-36694 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage.
CVE-2024-37734 ↗	Jun 26, 2024Wednesday, 26 June 2024, 22:15	9.8 CRITICAL	—
An issue in OpenEMR 7.0.2 allows a remote attacker to escalate privileges viaa crafted POST request using the noteid parameter.