|
250761
|
8.8 |
HIGH
Network
|
apa
|
apa_register_newsletter_form
|
Cross-Site Request Forgery (CSRF) vulnerability in Apa APA Register Newsletter Form allows SQL Injection.This issue affects APA Register Newsletter Form: from n/a through 1.0.0.
|
CWE-352
Origin Validation Error
|
CVE-2024-49621
|
2024-10-25 00:35 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250762
|
8.8 |
HIGH
Network
|
infotuts
|
sw_contact_form
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Infotuts SW Contact Form allows Blind SQL Injection.This issue affects SW Contact Form: from n/a …
|
CWE-89
SQL Injection
|
CVE-2024-49612
|
2024-10-25 00:33 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250763
|
8.8 |
HIGH
Network
|
brandonwhite
|
author_discussion
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Brandon White Author Discussion allows Blind SQL Injection.This issue affects Author Discussion: …
|
CWE-89
SQL Injection
|
CVE-2024-49609
|
2024-10-25 00:25 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250764
|
6.1 |
MEDIUM
Network
|
avchat.net
|
avchat_video_chat
|
Cross-Site Request Forgery (CSRF) vulnerability in Avchat.Net AVChat Video Chat allows Stored XSS.This issue affects AVChat Video Chat: from n/a through 2.2.
|
CWE-352
Origin Validation Error
|
CVE-2024-49605
|
2024-10-24 23:57 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250765
|
6.1 |
MEDIUM
Network
|
edush_maxim
|
googledrive_folder_list
|
Cross-Site Request Forgery (CSRF) vulnerability in Edush Maxim GoogleDrive folder list allows Stored XSS.This issue affects GoogleDrive folder list: from n/a through 2.2.2.
|
CWE-352
Origin Validation Error
|
CVE-2024-49335
|
2024-10-24 23:50 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250766
|
8.8 |
HIGH
Network
|
themeisle
|
multiple_page_generator
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeisle Multiple Page Generator Plugin – MPG allows SQL Injection.This issue affects Multiple P…
|
CWE-89
SQL Injection
|
CVE-2024-47325
|
2024-10-24 23:43 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250767
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
dpaa2-switch: Fix memory leak in dpaa2_switch_acl_entry_add() and dpaa2_switch_acl_entry_remove()
The cmd_buff needs to be freed …
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2022-48957
|
2024-10-24 23:41 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250768
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Add null check for top_pipe_to_program in commit_planes_for_stream
This commit addresses a null pointer derefere…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-49913
|
2024-10-24 23:39 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250769
|
7.2 |
HIGH
Network
|
princelycesar
|
hospital_management_system
|
SQL Injection vulnerability in hospital management system in php with source code v.1.0.0 allows a remote attacker to execute arbitrary code.
|
CWE-89
SQL Injection
|
CVE-2024-48657
|
2024-10-24 23:38 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250770
|
4.8 |
MEDIUM
Network
|
angeljudesuarez
|
student_management_system
|
Cross Site Scripting vulnerability in student management system in php with source code v.1.0.0 allows a remote attacker to execute arbitrary code.
|
CWE-79
Cross-site Scripting
|
CVE-2024-48656
|
2024-10-24 23:37 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
