|
311701
|
- |
|
-
|
-
|
A HTML Injection vulnerability was found in /search-result.php of PHPGurukul User Registration & Login and User Management System 3.2. This vulnerability allows remote attackers to execute arbitrary …
|
-
|
CVE-2024-48279
|
2024-10-17 01:38 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311702
|
- |
|
-
|
-
|
Phpgurukul User Registration & Login and User Management System 3.2 is vulnerable to Cross Site Request Forgery (CSRF) via /edit-profile.php.
|
-
|
CVE-2024-48278
|
2024-10-17 01:38 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311703
|
- |
|
-
|
-
|
In multiple locations, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interactio…
|
-
|
CVE-2024-40654
|
2024-10-17 01:35 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311704
|
7.5 |
HIGH
Network
|
wikimedia
|
wikimedia-extensions-css
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in The Wikimedia Foundation Mediawiki - CSS Extension allows Path Traversal.This issue affects Mediawiki -…
|
CWE-22
Path Traversal
|
CVE-2024-47841
|
2024-10-17 01:34 |
2024-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311705
|
9.8 |
CRITICAL
Network
|
mediawiki
|
cargo
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in The Wikimedia Foundation Mediawiki - Cargo allows SQL Injection.This issue affects Mediawiki - Ca…
|
CWE-89
SQL Injection
|
CVE-2024-47849
|
2024-10-17 01:34 |
2024-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311706
|
6.5 |
MEDIUM
Network
|
avaiga
|
taipy
|
Taipy is an open-source Python library for easy, end-to-end application development for data scientists and machine learning engineers. In affected versions session cookies are served without Secure …
|
CWE-319
CWE-732
Cleartext Transmission of Sensitive Information
Incorrect Permission Assignment for Critical Resource
|
CVE-2024-47833
|
2024-10-17 01:33 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311707
|
5.4 |
MEDIUM
Network
|
code-projects
|
blood_bank_system
|
A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been classified as problematic. This affects an unknown part of the file blooddetails.php. The manipulation of the …
|
CWE-79
Cross-site Scripting
|
CVE-2024-9803
|
2024-10-17 01:21 |
2024-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311708
|
8.8 |
HIGH
Network
|
dlink
|
dir-619l_firmware
|
A vulnerability, which was classified as critical, has been found in D-Link DIR-619L B1 2.06. Affected by this issue is the function formSetLog of the file /goform/formSetLog. The manipulation of the…
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-9786
|
2024-10-17 01:15 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311709
|
8.8 |
HIGH
Network
|
dlink
|
dir-619l_firmware
|
A vulnerability classified as critical was found in D-Link DIR-619L B1 2.06. Affected by this vulnerability is the function formSetDDNS of the file /goform/formSetDDNS. The manipulation of the argume…
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-9785
|
2024-10-17 01:15 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311710
|
6.5 |
MEDIUM
Network
|
shilpisoft
|
net_back_office
|
This vulnerability exists in the Shilpi Net Back Office due to improper access controls on certain API endpoints. An authenticated remote attacker could exploit this vulnerability by manipulating a p…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2024-47657
|
2024-10-17 00:44 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
