|
250551
|
- |
|
-
|
-
|
Under specific circumstances, insecure permissions in Ivanti Velocity License Server before version 5.2 allows a local authenticated attacker to achieve local privilege escalation.
|
-
|
CVE-2024-9167
|
2024-11-5 00:15 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250552
|
9.8 |
CRITICAL
Network
|
tongda2000
|
office_anywhere
|
A vulnerability, which was classified as critical, was found in Tongda OA 2017 up to 11.10. Affected is an unknown function of the file /pda/reportshop/next_detail.php. The manipulation of the argume…
|
CWE-89
SQL Injection
|
CVE-2024-10619
|
2024-11-5 00:11 |
2024-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250553
|
9.8 |
CRITICAL
Network
|
tongda2000
|
office_anywhere
|
A vulnerability, which was classified as critical, has been found in Tongda OA 2017 up to 11.10. This issue affects some unknown processing of the file /pda/reportshop/record_detail.php. The manipula…
|
CWE-89
SQL Injection
|
CVE-2024-10618
|
2024-11-5 00:11 |
2024-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250554
|
9.1 |
CRITICAL
Network
|
lunary
|
lunary
|
An improper access control vulnerability in lunary-ai/lunary version 1.3.2 allows an attacker to update the SAML configuration without authorization. This vulnerability can lead to manipulation of au…
|
NVD-CWE-Other
|
CVE-2024-7475
|
2024-11-4 22:55 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250555
|
6.1 |
MEDIUM
Network
|
phpgurukul
|
online_dj_booking_management_system
|
A Reflected Cross Site Scripting (XSS) vulnerability was found in /odms/admin/booking-search.php in PHPGurukul Online DJ Booking Management System 1.0, which allows remote attackers to execute arbitr…
|
CWE-79
Cross-site Scripting
|
CVE-2024-51076
|
2024-11-4 22:41 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250556
|
6.1 |
MEDIUM
Network
|
phpgurukul
|
online_dj_booking_management_system
|
A Reflected Cross Site Scripting (XSS) vulnerability was found in /odms/admin/user-search.php in PHPGurukul Online DJ Booking Management System v1.0, which allows remote attackers to execute arbitrar…
|
CWE-79
Cross-site Scripting
|
CVE-2024-51075
|
2024-11-4 22:41 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250557
|
6.1 |
MEDIUM
Network
|
phpgurukul
|
ifsc_code_finder
|
A Reflected Cross Site Scripting (XSS) vulnerability was found in /ifscfinder/admin/profile.php in PHPGurukul IFSC Code Finder Project v1.0, which allows remote attackers to execute arbitrary code vi…
|
CWE-79
Cross-site Scripting
|
CVE-2024-51181
|
2024-11-4 22:39 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250558
|
6.1 |
MEDIUM
Network
|
phpgurukul
|
ifsc_code_finder
|
A Reflected Cross Site Scripting (XSS) vulnerability was found in /ifscfinder/index.php in PHPGurukul IFSC Code Finder Project v1.0, which allows remote attackers to execute arbitrary code via the "s…
|
CWE-79
Cross-site Scripting
|
CVE-2024-51180
|
2024-11-4 22:37 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250559
|
6.5 |
MEDIUM
Network
|
mozilla
|
firefox_focus
|
Focus was incorrectly allowing internal links to utilize the app scheme used for deeplinking, which could result in links potentially circumventing some URL safety checks This vulnerability affects F…
|
NVD-CWE-noinfo
|
CVE-2024-10474
|
2024-11-4 22:34 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250560
|
6.5 |
MEDIUM
Network
|
mozilla
|
thunderbird
firefox
|
Truncation of a long URL could have allowed origin spoofing in a permission prompt. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
|
CWE-290
Authentication Bypass by Spoofing
|
CVE-2024-10462
|
2024-11-4 22:32 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
