|
251371
|
5.4 |
MEDIUM
Network
|
x2engine
|
x2crm
|
X2CRM v8.5 is vulnerable to a stored Cross-Site Scripting (XSS) in the "Opportunities" module. An attacker can inject malicious JavaScript code into the "Name" field when creating a list.
|
CWE-79
Cross-site Scripting
|
CVE-2024-48120
|
2024-10-30 05:57 |
2024-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251372
|
7.2 |
HIGH
Network
|
mayurik
|
petrol_pump_management
|
A vulnerability, which was classified as critical, has been found in SourceCodester Petrol Pump Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/edit_f…
|
CWE-89
SQL Injection
|
CVE-2024-10406
|
2024-10-30 05:48 |
2024-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251373
|
7.2 |
HIGH
Network
|
mayurik
|
petrol_pump_management
|
A vulnerability, which was classified as critical, was found in SourceCodester Petrol Pump Management Software 1.0. This affects an unknown part of the file /admin/edit_customer.php. The manipulation…
|
CWE-89
SQL Injection
|
CVE-2024-10407
|
2024-10-30 05:47 |
2024-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251374
|
4.8 |
MEDIUM
Network
|
phpgurukul
|
vehicle_record_system
|
A vulnerability, which was classified as problematic, was found in PHPGurukul Vehicle Record System 1.0. This affects an unknown part of the file /admin/edit-brand.php. The manipulation of the argume…
|
CWE-79
Cross-site Scripting
|
CVE-2024-10414
|
2024-10-30 05:46 |
2024-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251375
|
8.8 |
HIGH
Network
|
fabianros
|
blood_bank_management_system
|
A vulnerability has been found in code-projects Blood Bank Management up to 1.0 and classified as critical. This vulnerability affects unknown code of the file /abs.php. The manipulation of the argum…
|
CWE-89
SQL Injection
|
CVE-2024-10408
|
2024-10-30 05:44 |
2024-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251376
|
8.8 |
HIGH
Network
|
fabianros
|
blood_bank_management_system
|
A vulnerability was found in code-projects Blood Bank Management 1.0 and classified as critical. This issue affects some unknown processing of the file /file/accept.php. The manipulation of the argum…
|
CWE-89
SQL Injection
|
CVE-2024-10409
|
2024-10-30 05:42 |
2024-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251377
|
7.2 |
HIGH
Network
|
janobe
|
online_hotel_reservation_system
|
A vulnerability classified as critical was found in SourceCodester Online Hotel Reservation System 1.0. Affected by this vulnerability is the function upload of the file /admin/mod_room/controller.ph…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-10410
|
2024-10-30 05:41 |
2024-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251378
|
5.4 |
MEDIUM
Network
|
poco-z
|
guns-medial
|
A vulnerability was found in Poco-z Guns-Medical 1.0. It has been declared as problematic. Affected by this vulnerability is the function upload of the file /mgr/upload of the component File Upload. …
|
CWE-79
Cross-site Scripting
|
CVE-2024-10412
|
2024-10-30 05:40 |
2024-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251379
|
- |
|
-
|
-
|
An issue in Total.js CMS v.1.0 allows a remote attacker to execute arbitrary code via the func.js file.
|
-
|
CVE-2024-48655
|
2024-10-30 05:35 |
2024-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251380
|
- |
|
-
|
-
|
A command execution vulnerability exists in the AX2 Pro home router produced by Shenzhen Tenda Technology Co., Ltd. (Jixiang Tenda) v.DI_7003G-19.12.24A1V16.03.29.50;V16.03.29.50;V16.03.29.50. An att…
|
-
|
CVE-2024-48459
|
2024-10-30 05:35 |
2024-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
