|
305501
|
9.8 |
CRITICAL
Network
|
zzcms
|
zzcms
|
A vulnerability was found in ZZCMS 2023 and classified as critical. This issue affects some unknown processing of the file 3/Ebak5.1/upload/ChangeTable.php. The manipulation of the argument savefilen…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-10292
|
2024-10-30 22:40 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305502
|
9.8 |
CRITICAL
Network
|
zzcms
|
zzcms
|
A vulnerability was found in ZZCMS 2023. It has been classified as critical. Affected is the function Ebak_SetGotoPak of the file 3/Ebbak5.1/upload/class/functions.php. The manipulation of the argume…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-10293
|
2024-10-30 22:37 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305503
|
9.8 |
CRITICAL
Network
|
zzcms
|
zzcms
|
A vulnerability has been found in ZZCMS 2023 and classified as critical. This vulnerability affects the function Ebak_DoExecSQL/Ebak_DotranExecutSQL of the file 3/Ebak5.1/upload/phome.php. The manipu…
|
CWE-89
SQL Injection
|
CVE-2024-10291
|
2024-10-30 22:23 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305504
|
9.8 |
CRITICAL
Network
|
mayurik
|
best_house_rental_management_system
|
A vulnerability was found in SourceCodester Best House Rental Management System 1.0 and classified as critical. Affected by this issue is the function delete_tenant of the file /ajax.php?action=delet…
|
CWE-89
SQL Injection
|
CVE-2024-10349
|
2024-10-30 22:14 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305505
|
5.4 |
MEDIUM
Network
|
mayurik
|
best_house_rental_management_system
|
A vulnerability was found in SourceCodester Best House Rental Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /index.php?page=tenants of the com…
|
CWE-79
Cross-site Scripting
|
CVE-2024-10348
|
2024-10-30 22:03 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305506
|
5.4 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in aap-gateway. A Cross-site Scripting (XSS) vulnerability exists in the gateway component. This flaw allows a malicious user to perform actions that impact users by using t…
|
CWE-79
Cross-site Scripting
|
CVE-2024-10033
|
2024-10-30 12:15 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305507
|
- |
|
-
|
-
|
An arbitrary file upload vulnerability in Huly Platform v0.6.295 allows attackers to execute arbitrary code via uploading a crafted HTML file into chat group.
|
-
|
CVE-2024-48450
|
2024-10-30 06:35 |
2024-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305508
|
- |
|
-
|
-
|
An arbitrary file upload vulnerability in Huly Platform v0.6.295 allows attackers to execute arbitrary code via uploading a crafted HTML file into the tracker comments page.
|
-
|
CVE-2024-48448
|
2024-10-30 06:35 |
2024-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305509
|
- |
|
-
|
-
|
HCL Nomad server on Domino did not configure certain HTTP Security headers by default which could allow an attacker to obtain sensitive information via unspecified vectors.
|
-
|
CVE-2024-30132
|
2024-10-30 06:35 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305510
|
5.5 |
MEDIUM
Local
|
wibu
|
wibukey
|
An issue was discovered in WibuKey64.sys in WIBU-SYSTEMS WibuKey before v6.70 and fixed in v.6.70 An improper bounds check allows specially crafted packets to cause an arbitrary address read, resulti…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-45182
|
2024-10-30 06:35 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
