|
310871
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discreti…
|
NVD-CWE-noinfo
|
CVE-2024-7004
|
2024-10-30 05:35 |
2024-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310872
|
6.5 |
MEDIUM
Network
|
mozilla
|
firefox
firefox_esr
thunderbird
|
Select options could obscure the fullscreen notification dialog. This could be used by a malicious site to perform a spoofing attack. This vulnerability affects Firefox < 129, Firefox ESR < 128.1, an…
|
NVD-CWE-noinfo
|
CVE-2024-7518
|
2024-10-30 05:35 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310873
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Out of bounds read in WebTransport in Google Chrome prior to 127.0.6533.88 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security sev…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-7255
|
2024-10-30 05:35 |
2024-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310874
|
9.8 |
CRITICAL
Network
|
janobe
|
online_hotel_reservation_system
|
A vulnerability, which was classified as critical, has been found in SourceCodester Online Hotel Reservation System 1.0. Affected by this issue is the function upload of the file /guest/update.php. T…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-10413
|
2024-10-30 05:33 |
2024-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310875
|
7.2 |
HIGH
Network
|
janobe
|
online_hotel_reservation_system
|
A vulnerability was found in SourceCodester Online Hotel Reservation System 1.0. It has been classified as critical. Affected is the function doCancelRoom/doCancel/doConfirm/doCancel/doCheckin/doChec…
|
CWE-89
SQL Injection
|
CVE-2024-10411
|
2024-10-30 05:28 |
2024-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310876
|
8.8 |
HIGH
Network
|
fabianros
|
blood_bank_management_system
|
A vulnerability has been found in code-projects Blood Bank Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /file/accept.php. The manipulation of …
|
CWE-89
SQL Injection
|
CVE-2024-10415
|
2024-10-30 05:26 |
2024-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310877
|
8.8 |
HIGH
Network
|
fabianros
|
blood_bank_management_system
|
A vulnerability was found in code-projects Blood Bank Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /file/cancel.php. The manipulation of th…
|
CWE-89
SQL Injection
|
CVE-2024-10416
|
2024-10-30 05:21 |
2024-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310878
|
8.8 |
HIGH
Network
|
fabianros
|
blood_bank_management_system
|
A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /file/delete.php. The manipulation of the …
|
CWE-89
SQL Injection
|
CVE-2024-10417
|
2024-10-30 05:19 |
2024-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310879
|
- |
|
-
|
-
|
An issue was discovered in WTCMS 1.0. In the plupload method in \AssetController.class.php, the app parameters aren't processed, resulting in Cross Site Scripting (XSS).
|
-
|
CVE-2024-48239
|
2024-10-30 04:35 |
2024-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310880
|
- |
|
-
|
-
|
WTCMS 1.0 is vulnerable to SQL Injection in the edit_post method of /Admin\Controller\NavControl.class.php via the parentid parameter.
|
-
|
CVE-2024-48238
|
2024-10-30 04:35 |
2024-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
