|
314321
|
- |
|
-
|
-
|
A vulnerability was found in JFinalCMS up to 20240903. It has been classified as problematic. This affects the function update of the file /admin/template/update of the component com.cms.util.Templat…
|
CWE-22
Path Traversal
|
CVE-2024-8706
|
2024-09-12 09:15 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314322
|
- |
|
-
|
-
|
Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.1.0.0 and 9.3.0.8, including 8.3.x, discloses database passwords when searching metadata injectable fields.
|
-
|
CVE-2024-28981
|
2024-09-12 09:15 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314323
|
6.1 |
MEDIUM
Network
|
friendica
|
friendica
|
Cross Site Scripting vulnerability in Friendica v.2023.12 allows a remote attacker to obtain sensitive information via the location parameter of the calendar event feature.
|
CWE-79
Cross-site Scripting
|
CVE-2024-27729
|
2024-09-12 05:29 |
2024-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314324
|
6.5 |
MEDIUM
Network
|
elastic
|
apm_server
|
APM server logs contain document body from a partially failed bulk index request. For example, in case of unavailable_shards_exception for a specific document, since the ES response line contains the…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2024-37286
|
2024-09-12 05:20 |
2024-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314325
|
9.8 |
CRITICAL
Network
|
angeljudesuarez
|
airline_reservation_system
|
A vulnerability was found in itsourcecode Airline Reservation System 1.0. It has been rated as critical. Affected by this issue is the function save_settings of the file admin/admin_class.php. The ma…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-7500
|
2024-09-12 05:07 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314326
|
8.8 |
HIGH
Network
|
angeljudesuarez
|
tailoring_management_system
|
A vulnerability has been found in itsourcecode Tailoring Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /setlogo.php. The man…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-7506
|
2024-09-12 05:02 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314327
|
9.8 |
CRITICAL
Network
|
rainniar
|
bike_delivery_system
|
A vulnerability, which was classified as critical, was found in itsourcecode Bike Delivery System 1.0. Affected is an unknown function of the file contact_us_action.php. The manipulation of the argum…
|
CWE-89
SQL Injection
|
CVE-2024-7505
|
2024-09-12 04:53 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314328
|
6.5 |
MEDIUM
Network
|
cybozu
|
office
|
Insertion of sensitive information into sent data issue exists in Cybozu Office 10.0.0 to 10.8.6, which may allow a user who can login to the product to view data that the user does not have access b…
|
NVD-CWE-noinfo
|
CVE-2024-39817
|
2024-09-12 04:36 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314329
|
9.8 |
CRITICAL
Network
|
tenda
|
i22_firmware
|
A vulnerability has been found in Tenda i22 1.0.0.3(4687) and classified as critical. Affected by this vulnerability is the function formApPortalWebAuth of the file /goform/apPortalAuth. The manipula…
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-7585
|
2024-09-12 04:32 |
2024-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314330
|
9.8 |
CRITICAL
Network
|
tenda
|
i22_firmware
|
A vulnerability, which was classified as critical, was found in Tenda i22 1.0.0.3(4687). Affected is the function formApPortalPhoneAuth of the file /goform/apPortalPhoneAuth. The manipulation of the …
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-7584
|
2024-09-12 04:25 |
2024-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
