|
306271
|
5.4 |
MEDIUM
Network
|
phpgurukul
|
hospital_management_system
|
PHPGurukul Hospital Management System 4.0 is vulnerable to Cross Site Scripting (XSS) via the patname, pataddress, and medhis parameters in doctor/add-patient.php and doctor/edit-patient.php.
|
CWE-79
Cross-site Scripting
|
CVE-2024-46237
|
2024-10-23 03:35 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306272
|
6.0 |
MEDIUM
Local
|
cisco
|
ata_191_firmware
ata_192_firmware
|
A vulnerability in the CLI of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an authenticated, local attacker with high privileges to execute arbitrary commands as the root u…
|
CWE-78
OS Command
|
CVE-2024-20461
|
2024-10-23 03:26 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306273
|
5.4 |
MEDIUM
Network
|
code-projects
|
blood_bank_system
|
A vulnerability has been found in code-projects Blood Bank System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /viewrequest.php. The manipulation leads to cr…
|
CWE-79
Cross-site Scripting
|
CVE-2024-10142
|
2024-10-23 03:11 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306274
|
8.8 |
HIGH
Network
|
esafenet
|
cdg
|
A vulnerability was found in ESAFENET CDG 5 and classified as critical. Affected by this issue is the function connectLogout of the file /com/esafenet/servlet/ajax/MultiServerAjax.java. The manipulat…
|
CWE-89
SQL Injection
|
CVE-2024-10134
|
2024-10-23 03:10 |
2024-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306275
|
8.8 |
HIGH
Network
|
esafenet
|
cdg
|
A vulnerability has been found in ESAFENET CDG 5 and classified as critical. Affected by this vulnerability is the function updateNetSecPolicyPriority of the file /com/esafenet/servlet/ajax/NetSecPol…
|
CWE-89
SQL Injection
|
CVE-2024-10133
|
2024-10-23 03:10 |
2024-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306276
|
8.8 |
HIGH
Network
|
esafenet
|
cdg
|
A vulnerability was found in ESAFENET CDG 5. It has been classified as critical. This affects the function actionDelNetSecConfig of the file /com/esafenet/servlet/netSec/NetSecConfigService.java. The…
|
CWE-89
SQL Injection
|
CVE-2024-10135
|
2024-10-23 03:09 |
2024-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306277
|
7.2 |
HIGH
Network
|
cisco
|
ata_191_firmware
ata_192_firmware
|
A vulnerability in the web-based management interface of Cisco ATA 190 Multiplatform Series Analog Telephone Adapter firmware could allow an authenticated, remote attacker with high privileges to exe…
|
CWE-78
OS Command
|
CVE-2024-20459
|
2024-10-23 03:06 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306278
|
8.2 |
HIGH
Network
|
cisco
|
ata_191_firmware
ata_192_firmware
|
A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to view or delete the configuration or …
|
CWE-78
OS Command
|
CVE-2024-20458
|
2024-10-23 03:03 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306279
|
7.5 |
HIGH
Network
|
didiglobal
|
ddmq
|
A vulnerability has been found in didi DDMQ 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the component Console Module. The manipulation with the input…
|
CWE-863
Incorrect Authorization
|
CVE-2024-10173
|
2024-10-23 02:05 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306280
|
5.4 |
MEDIUM
Network
|
k2-service
|
product_customizer_light
|
The Product Customizer Light plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.0 due to insufficient input sanitization …
|
CWE-79
Cross-site Scripting
|
CVE-2024-9848
|
2024-10-23 01:42 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
