|
309031
|
9.8 |
CRITICAL
Network
|
codezips
|
online_institute_management_system
|
A vulnerability classified as critical was found in Codezips Online Institute Management System up to 1.0. This vulnerability affects unknown code of the file /profile.php. The manipulation of the ar…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-10765
|
2024-11-6 23:45 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309032
|
9.8 |
CRITICAL
Network
|
codezips
|
online_institute_management_system
|
A vulnerability classified as critical has been found in Codezips Online Institute Management System 1.0. This affects an unknown part of the file /pages/save_user.php. The manipulation of the argume…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-10764
|
2024-11-6 23:44 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309033
|
7.1 |
HIGH
Local
|
apple
|
iphone_os
ipados
visionos
tvos
|
This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, visionOS 2.1, tvOS 18.1. Restoring a maliciously crafted ba…
|
CWE-59
Link Following
|
CVE-2024-44258
|
2024-11-6 23:35 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309034
|
8.8 |
HIGH
Network
|
combodo
|
itop
|
Combodo iTop is a simple, web based IT Service Management tool. A CSRF can be performed on CSV import simulation. This issue has been fixed in versions 3.1.2 and 3.2.0. All users are advised to upgra…
|
CWE-352
Origin Validation Error
|
CVE-2024-31998
|
2024-11-6 23:31 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309035
|
6.1 |
MEDIUM
Network
|
combodo
|
itop
|
Combodo iTop is a simple, web based IT Service Management tool. By filling malicious code in a CSV content, an Cross-site Scripting (XSS) attack can be performed when importing this content. This iss…
|
CWE-79
Cross-site Scripting
|
CVE-2024-31448
|
2024-11-6 23:31 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309036
|
6.1 |
MEDIUM
Network
|
combodo
|
itop
|
Combodo iTop is a simple, web based IT Service Management tool. When displaying pages/ajax.render.php XSS are possible for scripts outside of script tags. This issue has been fixed in versions 2.7.9,…
|
CWE-79
Cross-site Scripting
|
CVE-2023-34445
|
2024-11-6 23:29 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309037
|
6.1 |
MEDIUM
Network
|
combodo
|
itop
|
Combodo iTop is a simple, web based IT Service Management tool. When displaying pages/ajax.searchform.php XSS are possible for scripts outside of script tags. This issue has been fixed in versions 2.…
|
CWE-79
Cross-site Scripting
|
CVE-2023-34444
|
2024-11-6 23:28 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309038
|
6.1 |
MEDIUM
Network
|
combodo
|
itop
|
Combodo iTop is a simple, web based IT Service Management tool. When displaying page Run queries Cross-site Scripting (XSS) are possible for scripts outside of script tags. This has been fixed in ver…
|
CWE-79
Cross-site Scripting
|
CVE-2023-34443
|
2024-11-6 23:25 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309039
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in Foreman's loader macros introduced with report templates. These macros may allow an authenticated user with permissions to view and create templates to read any field fro…
|
CWE-200
Information Exposure
|
CVE-2024-8553
|
2024-11-6 18:15 |
2024-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309040
|
9.8 |
CRITICAL
Network
|
redhat
|
satellite
|
An authentication bypass vulnerability has been identified in Foreman when deployed with External Authentication, due to the puppet-foreman configuration. This issue arises from Apache's mod_proxy no…
|
CWE-287
Improper Authentication
|
CVE-2024-7012
|
2024-11-6 18:15 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
