|
306731
|
7.2 |
HIGH
Network
|
codezips
|
tourist_management_system
|
A vulnerability has been found in Codezips Tourist Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/create-package.php. …
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-9815
|
2024-10-17 23:52 |
2024-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306732
|
9.8 |
CRITICAL
Network
|
codezips
|
pharmacy_management_system
|
A vulnerability, which was classified as critical, was found in Codezips Pharmacy Management System 1.0. Affected is an unknown function of the file product/update.php. The manipulation of the argume…
|
CWE-89
SQL Injection
|
CVE-2024-9814
|
2024-10-17 23:48 |
2024-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306733
|
4.8 |
MEDIUM
Network
|
classroombookings
|
classroombookings
|
A vulnerability was found in Craig Rodway Classroombookings 2.8.7 and classified as problematic. This issue affects some unknown processing of the file /sessions of the component Session Page. The ma…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9807
|
2024-10-17 23:44 |
2024-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306734
|
4.8 |
MEDIUM
Network
|
classroombookings
|
classroombookings
|
A vulnerability has been found in Craig Rodway Classroombookings up to 2.8.6 and classified as problematic. This vulnerability affects unknown code of the file /rooms/fields of the component Room Pag…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9806
|
2024-10-17 23:44 |
2024-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306735
|
7.8 |
HIGH
Local
|
deltaww
|
cncsoft-g2
|
Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can manipulate users to visit a malicious…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-47964
|
2024-10-17 23:37 |
2024-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306736
|
7.8 |
HIGH
Local
|
deltaww
|
cncsoft-g2
|
Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can manipulate users to visit a malicious page…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-47963
|
2024-10-17 23:37 |
2024-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306737
|
7.8 |
HIGH
Local
|
deltaww
|
cncsoft-g2
|
Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can manipulate an insider to visit a mal…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-47962
|
2024-10-17 23:37 |
2024-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306738
|
7.8 |
HIGH
Local
|
deltaww
|
cncsoft-g2
|
Delta Electronics CNCSoft-G2 lacks proper initialization of memory prior to accessing it. An attacker can manipulate users to visit a malicious page or file to leverage this vulnerability to execute …
|
CWE-908
Use of Uninitialized Resource
|
CVE-2024-47966
|
2024-10-17 23:36 |
2024-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306739
|
7.8 |
HIGH
Local
|
deltaww
|
cncsoft-g2
|
Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can manipulate users to visit a malicious page …
|
CWE-125
Out-of-bounds Read
|
CVE-2024-47965
|
2024-10-17 23:36 |
2024-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306740
|
6.1 |
MEDIUM
Network
|
rems
|
profile_registration_without_reload\/refresh
|
A vulnerability has been found in SourceCodester Profile Registration without Reload Refresh 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file …
|
CWE-79
Cross-site Scripting
|
CVE-2024-9799
|
2024-10-17 23:32 |
2024-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
