|
310281
|
9.8 |
CRITICAL
Network
|
janobe
|
online_hotel_reservation_system
|
A vulnerability, which was classified as critical, has been found in SourceCodester Online Hotel Reservation System 1.0. Affected by this issue is the function upload of the file /guest/update.php. T…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-10413
|
2024-10-30 05:33 |
2024-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310282
|
7.2 |
HIGH
Network
|
janobe
|
online_hotel_reservation_system
|
A vulnerability was found in SourceCodester Online Hotel Reservation System 1.0. It has been classified as critical. Affected is the function doCancelRoom/doCancel/doConfirm/doCancel/doCheckin/doChec…
|
CWE-89
SQL Injection
|
CVE-2024-10411
|
2024-10-30 05:28 |
2024-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310283
|
8.8 |
HIGH
Network
|
fabianros
|
blood_bank_management_system
|
A vulnerability has been found in code-projects Blood Bank Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /file/accept.php. The manipulation of …
|
CWE-89
SQL Injection
|
CVE-2024-10415
|
2024-10-30 05:26 |
2024-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310284
|
8.8 |
HIGH
Network
|
fabianros
|
blood_bank_management_system
|
A vulnerability was found in code-projects Blood Bank Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /file/cancel.php. The manipulation of th…
|
CWE-89
SQL Injection
|
CVE-2024-10416
|
2024-10-30 05:21 |
2024-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310285
|
8.8 |
HIGH
Network
|
fabianros
|
blood_bank_management_system
|
A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /file/delete.php. The manipulation of the …
|
CWE-89
SQL Injection
|
CVE-2024-10417
|
2024-10-30 05:19 |
2024-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310286
|
- |
|
-
|
-
|
An issue was discovered in WTCMS 1.0. In the plupload method in \AssetController.class.php, the app parameters aren't processed, resulting in Cross Site Scripting (XSS).
|
-
|
CVE-2024-48239
|
2024-10-30 04:35 |
2024-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310287
|
- |
|
-
|
-
|
WTCMS 1.0 is vulnerable to SQL Injection in the edit_post method of /Admin\Controller\NavControl.class.php via the parentid parameter.
|
-
|
CVE-2024-48238
|
2024-10-30 04:35 |
2024-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310288
|
- |
|
-
|
-
|
An issue in ofcms 1.1.2 allows a remote attacker to execute arbitrary code via the FileOutputStream function in the write String method of the ofcms-admin\src\main\java\com\ofsoft\cms\core\uitle\File…
|
-
|
CVE-2024-48236
|
2024-10-30 04:35 |
2024-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310289
|
- |
|
-
|
-
|
An issue in ofcms 1.1.2 allows a remote attacker to execute arbitrary code via the save method of the TemplateController.java file.
|
-
|
CVE-2024-48235
|
2024-10-30 04:35 |
2024-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310290
|
- |
|
-
|
-
|
An issue was discovered in mipjz 5.0.5. In the push method of app\tag\controller\ApiAdminTag.php the value of the postAddress parameter is not processed and is directly passed into curl_exec executio…
|
-
|
CVE-2024-48234
|
2024-10-30 04:35 |
2024-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
