|
251941
|
9.8 |
CRITICAL
Network
|
jackzhu
|
photokit
|
Unrestricted Upload of File with Dangerous Type vulnerability in Jack Zhu allows Upload a Web Shell to a Web Server.This issue affects photokit: from n/a through 1.0.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-49610
|
2024-10-25 00:38 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251942
|
8.8 |
HIGH
Network
|
apa
|
apa_register_newsletter_form
|
Cross-Site Request Forgery (CSRF) vulnerability in Apa APA Register Newsletter Form allows SQL Injection.This issue affects APA Register Newsletter Form: from n/a through 1.0.0.
|
CWE-352
Origin Validation Error
|
CVE-2024-49621
|
2024-10-25 00:35 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251943
|
8.8 |
HIGH
Network
|
infotuts
|
sw_contact_form
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Infotuts SW Contact Form allows Blind SQL Injection.This issue affects SW Contact Form: from n/a …
|
CWE-89
SQL Injection
|
CVE-2024-49612
|
2024-10-25 00:33 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251944
|
8.8 |
HIGH
Network
|
brandonwhite
|
author_discussion
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Brandon White Author Discussion allows Blind SQL Injection.This issue affects Author Discussion: …
|
CWE-89
SQL Injection
|
CVE-2024-49609
|
2024-10-25 00:25 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251945
|
6.1 |
MEDIUM
Network
|
avchat.net
|
avchat_video_chat
|
Cross-Site Request Forgery (CSRF) vulnerability in Avchat.Net AVChat Video Chat allows Stored XSS.This issue affects AVChat Video Chat: from n/a through 2.2.
|
CWE-352
Origin Validation Error
|
CVE-2024-49605
|
2024-10-24 23:57 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251946
|
6.1 |
MEDIUM
Network
|
edush_maxim
|
googledrive_folder_list
|
Cross-Site Request Forgery (CSRF) vulnerability in Edush Maxim GoogleDrive folder list allows Stored XSS.This issue affects GoogleDrive folder list: from n/a through 2.2.2.
|
CWE-352
Origin Validation Error
|
CVE-2024-49335
|
2024-10-24 23:50 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251947
|
8.8 |
HIGH
Network
|
themeisle
|
multiple_page_generator
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeisle Multiple Page Generator Plugin – MPG allows SQL Injection.This issue affects Multiple P…
|
CWE-89
SQL Injection
|
CVE-2024-47325
|
2024-10-24 23:43 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251948
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
dpaa2-switch: Fix memory leak in dpaa2_switch_acl_entry_add() and dpaa2_switch_acl_entry_remove()
The cmd_buff needs to be freed …
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2022-48957
|
2024-10-24 23:41 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251949
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Add null check for top_pipe_to_program in commit_planes_for_stream
This commit addresses a null pointer derefere…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-49913
|
2024-10-24 23:39 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251950
|
7.2 |
HIGH
Network
|
princelycesar
|
hospital_management_system
|
SQL Injection vulnerability in hospital management system in php with source code v.1.0.0 allows a remote attacker to execute arbitrary code.
|
CWE-89
SQL Injection
|
CVE-2024-48657
|
2024-10-24 23:38 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
