|
309101
|
- |
|
-
|
-
|
A vulnerability in the web-based management interface of Cisco Prime Access Registrar Appliance could allow an authenticated, remote attacker to conduct a cross-site scripting attack against a u…
|
CWE-79
Cross-site Scripting
|
CVE-2022-20626
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309102
|
5.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) IPv4 access control list (ACL) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenti…
|
CWE-284
Improper Access Control
|
CVE-2024-20373
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309103
|
9.1 |
CRITICAL
Network
|
-
|
-
|
A vulnerability in the external authentication mechanism of Cisco Modeling Labs could allow an unauthenticated, remote attacker to access the web interface with administrative privileges.
This vul…
|
CWE-305
Authentication Bypass by Primary Weakness
|
CVE-2023-20154
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309104
|
8.6 |
HIGH
Network
|
-
|
-
|
A vulnerability in the local interface of Cisco BroadWorks Network Server could allow an unauthenticated, remote attacker to exhaust system resources, causing a denial of service (DoS) condition.
…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2023-20125
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309105
|
7.2 |
HIGH
Network
|
ivanti
|
endpoint_manager
|
Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code…
|
CWE-22
Path Traversal
|
CVE-2024-50324
|
2024-11-19 02:06 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309106
|
7.2 |
HIGH
Network
|
lopalopa
|
e-learning_management_system
|
A SQL Injection vulnerability was found in /admin/add_content.php in kashipara E-learning Management System Project 1.0 via the title and content parameters.
|
CWE-89
SQL Injection
|
CVE-2024-50826
|
2024-11-19 01:39 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309107
|
7.2 |
HIGH
Network
|
lopalopa
|
e-learning_management_system
|
A SQL Injection vulnerability was found in /admin/school_year.php in kashipara E-learning Management System Project 1.0 via the school_year parameter.
|
CWE-89
SQL Injection
|
CVE-2024-50825
|
2024-11-19 01:39 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309108
|
7.2 |
HIGH
Network
|
lopalopa
|
e-learning_management_system
|
A SQL Injection vulnerability was found in /admin/class.php in kashipara E-learning Management System Project 1.0 via the class_name parameter.
|
CWE-89
SQL Injection
|
CVE-2024-50824
|
2024-11-19 01:39 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309109
|
9.8 |
CRITICAL
Network
|
lopalopa
|
e-learning_management_system
|
A SQL Injection vulnerability was found in /admin/login.php in kashipara E-learning Management System Project 1.0 via the username and password parameters.
|
CWE-89
SQL Injection
|
CVE-2024-50823
|
2024-11-19 01:38 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309110
|
7.2 |
HIGH
Network
|
lopalopa
|
e-learning_management_system
|
A SQL Injection vulnerability was found in /admin/edit_student.php in KASHIPARA E-learning Management System Project 1.0 via the cys, un, ln, fn, and id parameters.
|
CWE-89
SQL Injection
|
CVE-2024-50835
|
2024-11-19 01:38 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
