CVE

Sensitive information disclosure due to cleartext storage of sensitive information. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.

Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the domain parameter in the add_white_node function.

Cross-site scripting vulnerability in Item List page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script.

Excessive Data Query Operations in a Large Data Table in GitHub repository pimcore/demo prior to 10.3.0.

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in UltimatelySocial Social Media Share Buttons & Social Sharing Icons plugin <= 2.8.3 versions.

A stored cross-site scripting (XSS) vulnerability in the Website column management function of DedeBIZ v6.2.11 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the title parameter.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jes Madsen Cookies by JM plugin <= 1.0 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Pdfcrowd Save as Image plugin by Pdfcrowd plugin <= 2.16.0 versions.

Auth. (contributor) Cross-Site Scripting (XSS) vulnerability in 93digital Typing Effect plugin <= 1.3.6 versions.

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Everest Themes Arya Multipurpose Pro theme <= 1.0.8 versions.