|
312001
|
4.8 |
MEDIUM
Network
|
romadebrian
|
web-sekolah
|
A vulnerability classified as problematic has been found in romadebrian WEB-Sekolah 1.0. Affected is an unknown function of the file /Admin/akun_edit.php of the component Backend. The manipulation of…
|
CWE-79
Cross-site Scripting
|
CVE-2024-10840
|
2024-11-7 07:49 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312002
|
4.8 |
MEDIUM
Network
|
romadebrian
|
web-sekolah
|
A vulnerability, which was classified as problematic, has been found in romadebrian WEB-Sekolah 1.0. Affected by this issue is some unknown functionality of the file /Admin/Proses_Edit_Akun.php of th…
|
CWE-79
Cross-site Scripting
|
CVE-2024-10842
|
2024-11-7 07:43 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312003
|
9.8 |
CRITICAL
Network
|
bookstore_management_system_project
|
bookstore_management_system
|
A vulnerability has been found in 1000 Projects Bookstore Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file book_detail.php. The manipulation of th…
|
CWE-89
SQL Injection
|
CVE-2024-10845
|
2024-11-7 07:38 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312004
|
9.8 |
CRITICAL
Network
|
bookstore_management_system_project
|
bookstore_management_system
|
A vulnerability, which was classified as critical, was found in 1000 Projects Bookstore Management System 1.0. This affects an unknown part of the file search.php. The manipulation of the argument s …
|
CWE-89
SQL Injection
|
CVE-2024-10844
|
2024-11-7 07:38 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312005
|
4.9 |
MEDIUM
Network
|
pimcore
|
pimcore
|
Pimcore is an open source data and experience management platform. When a PortalUserObject is connected to a PimcoreUser and "Use Pimcore Backend Password" is set to true, the change password functio…
|
NVD-CWE-Other
|
CVE-2024-49370
|
2024-11-7 07:31 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312006
|
6.5 |
MEDIUM
Network
|
appsmith
|
appsmith
|
AppSmith Community 1.8.3 before 1.46 allows SSRF via New DataSource for application/json requests to 169.254.169.254 to retrieve AWS metadata credentials.
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2024-51408
|
2024-11-7 07:06 |
2024-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312007
|
4.9 |
MEDIUM
Network
|
topdata
|
inner_rep_plus
|
A vulnerability was found in Topdata Inner Rep Plus WebServer 2.01. It has been classified as problematic. Affected is an unknown function of the file /InnerRepPlus.html of the component Operator Det…
|
CWE-549
Missing Password Field Masking
|
CVE-2024-10122
|
2024-11-7 07:05 |
2024-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312008
|
- |
|
-
|
-
|
In agentscope <=v0.0.4, the file agentscope\web\workstation\workflow_utils.py has the function is_callable_expression. Within this function, the line result = eval(s) poses a security risk as it can …
|
-
|
CVE-2024-48050
|
2024-11-7 06:35 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312009
|
- |
|
-
|
-
|
U-Boot environment is read from unauthenticated partition.
|
-
|
CVE-2024-22013
|
2024-11-7 06:35 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312010
|
6.1 |
MEDIUM
Network
|
shibulijack
|
cj_change_howdy
|
Cross-Site Request Forgery (CSRF) vulnerability in Shibu Lijack a.K.A CyberJack CJ Change Howdy allows Stored XSS.This issue affects CJ Change Howdy: from n/a through 3.3.1.
|
CWE-352
Origin Validation Error
|
CVE-2024-49223
|
2024-11-7 05:55 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
