|
305971
|
9.8 |
CRITICAL
Network
|
tongda2000
|
office_anywhere
|
A vulnerability classified as critical was found in Tongda OA up to 11.10. This vulnerability affects unknown code of the file /pda/workflow/check_seal.php. The manipulation of the argument ID leads …
|
CWE-89
SQL Injection
|
CVE-2024-10617
|
2024-11-5 01:44 |
2024-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305972
|
9.8 |
CRITICAL
Network
|
tongda2000
|
office_anywhere
|
A vulnerability classified as critical has been found in Tongda OA up to 11.9. This affects an unknown part of the file /pda/workflow/webSignSubmit.php. The manipulation of the argument saleId leads …
|
CWE-89
SQL Injection
|
CVE-2024-10616
|
2024-11-5 01:44 |
2024-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305973
|
- |
|
-
|
-
|
A denial of service may be caused to a single peripheral device in a BLE network when multiple central
devices continuously connect and disconnect to the peripheral. A hard reset is required to reco…
|
-
|
CVE-2024-6657
|
2024-11-5 00:15 |
2024-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305974
|
- |
|
-
|
-
|
Under specific circumstances, insecure permissions in Ivanti Velocity License Server before version 5.2 allows a local authenticated attacker to achieve local privilege escalation.
|
-
|
CVE-2024-9167
|
2024-11-5 00:15 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305975
|
9.8 |
CRITICAL
Network
|
tongda2000
|
office_anywhere
|
A vulnerability, which was classified as critical, was found in Tongda OA 2017 up to 11.10. Affected is an unknown function of the file /pda/reportshop/next_detail.php. The manipulation of the argume…
|
CWE-89
SQL Injection
|
CVE-2024-10619
|
2024-11-5 00:11 |
2024-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305976
|
9.8 |
CRITICAL
Network
|
tongda2000
|
office_anywhere
|
A vulnerability, which was classified as critical, has been found in Tongda OA 2017 up to 11.10. This issue affects some unknown processing of the file /pda/reportshop/record_detail.php. The manipula…
|
CWE-89
SQL Injection
|
CVE-2024-10618
|
2024-11-5 00:11 |
2024-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305977
|
9.1 |
CRITICAL
Network
|
lunary
|
lunary
|
An improper access control vulnerability in lunary-ai/lunary version 1.3.2 allows an attacker to update the SAML configuration without authorization. This vulnerability can lead to manipulation of au…
|
NVD-CWE-Other
|
CVE-2024-7475
|
2024-11-4 22:55 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305978
|
6.1 |
MEDIUM
Network
|
phpgurukul
|
online_dj_booking_management_system
|
A Reflected Cross Site Scripting (XSS) vulnerability was found in /odms/admin/booking-search.php in PHPGurukul Online DJ Booking Management System 1.0, which allows remote attackers to execute arbitr…
|
CWE-79
Cross-site Scripting
|
CVE-2024-51076
|
2024-11-4 22:41 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305979
|
6.1 |
MEDIUM
Network
|
phpgurukul
|
online_dj_booking_management_system
|
A Reflected Cross Site Scripting (XSS) vulnerability was found in /odms/admin/user-search.php in PHPGurukul Online DJ Booking Management System v1.0, which allows remote attackers to execute arbitrar…
|
CWE-79
Cross-site Scripting
|
CVE-2024-51075
|
2024-11-4 22:41 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305980
|
6.1 |
MEDIUM
Network
|
phpgurukul
|
ifsc_code_finder
|
A Reflected Cross Site Scripting (XSS) vulnerability was found in /ifscfinder/admin/profile.php in PHPGurukul IFSC Code Finder Project v1.0, which allows remote attackers to execute arbitrary code vi…
|
CWE-79
Cross-site Scripting
|
CVE-2024-51181
|
2024-11-4 22:39 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
