EmbedPress – Embed PDF, YouTube, Google Docs, Vimeo, Wistia Videos, Audios, Maps & Any Documents In Gutenberg & Elementor Security Vulnerabilities

CVE-2024-5114

A vulnerability classified as critical has been found in Campcodes Complete Web-Based School Management System 1.0. Affected is an unknown function of the file /view/teacher_attendance_history1.php. The manipulation of the argument index leads to sql injection. It is possible to launch the attack.....

CVE-2024-5113

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /view/student_profile1.php. The manipulation of the argument std_index leads to sql injection. The attack may be initiated...

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: containerd, crossplane-provider-aws, ferretdb, logstash-exporter, nats, osv-scanner, goreleaser, k8ssandra-operator, secrets-store-csi-driver-provider-gcp, tflint, loki, prometheus-pushgateway, supercronic, kubernetes-csi-livenessprobe, prometheus-nats-exporter, up,...

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: nats, ferretdb, logstash-exporter, regclient, vexctl, goreleaser, k8ssandra-operator, secrets-store-csi-driver-provider-gcp, tflint, loki, prometheus-pushgateway, supercronic, kubernetes-csi-livenessprobe, hey, up, docker-credential-acr-env, go-licenses, gobuster,...

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: harbor-registry, goreleaser, k8ssandra-operator, loki, flux-kustomize-controller, gobuster, kaniko, hubble-ui, wireguard-go, nri-rabbitmq, tempo, aws-load-balancer-controller, ollama, kubernetes-dashboard-metrics-scraper, flux-helm-controller,...

GHSA-5FQ7-4MXC-535H vulnerabilities

Vulnerabilities for packages: containerd, crossplane-provider-aws, extism, ferretdb, osv-scanner, harbor-registry, regclient, wave, secrets-store-csi-driver-provider-gcp, kubernetes-csi-livenessprobe, flux-kustomize-controller, hey, docker-credential-acr-env, go-licenses, prometheus-nats-exporter,....

CVE-2024-24787 vulnerabilities

Vulnerabilities for packages: containerd, crossplane-provider-aws, extism, ferretdb, osv-scanner, harbor-registry, regclient, wave, secrets-store-csi-driver-provider-gcp, kubernetes-csi-livenessprobe, flux-kustomize-controller, hey, docker-credential-acr-env, go-licenses, prometheus-nats-exporter,....

CVE-2023-48795 vulnerabilities

Vulnerabilities for packages: containerd, crossplane-provider-aws, ferretdb, nats, loki, up, apko, flux-kustomize-controller, docker-credential-acr-env, go-licenses, gobuster, kubeflow-katib, prometheus-nats-exporter, vault, cloud-sql-proxy, eksctl, kots, wireguard-go, flux-source-controller,...

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: containerd, crossplane-provider-aws, ferretdb, logstash-exporter, nats, osv-scanner, goreleaser, k8ssandra-operator, secrets-store-csi-driver-provider-gcp, tflint, loki, prometheus-pushgateway, supercronic, kubernetes-csi-livenessprobe, prometheus-nats-exporter, up,...

GHSA-RR6R-CFGF-GC6H vulnerabilities

Vulnerabilities for packages: nats, ferretdb, logstash-exporter, regclient, vexctl, goreleaser, k8ssandra-operator, secrets-store-csi-driver-provider-gcp, tflint, loki, prometheus-pushgateway, supercronic, kubernetes-csi-livenessprobe, hey, up, docker-credential-acr-env, go-licenses, gobuster,...

CVE-2024-24784 vulnerabilities

Vulnerabilities for packages: nats, ferretdb, logstash-exporter, regclient, vexctl, goreleaser, k8ssandra-operator, secrets-store-csi-driver-provider-gcp, tflint, loki, prometheus-pushgateway, supercronic, kubernetes-csi-livenessprobe, hey, up, docker-credential-acr-env, go-licenses, gobuster,...

GHSA-4V7X-PQXF-CX7M vulnerabilities

Vulnerabilities for packages: harbor-registry, goreleaser, k8ssandra-operator, loki, flux-kustomize-controller, gobuster, kaniko, hubble-ui, wireguard-go, nri-rabbitmq, tempo, aws-load-balancer-controller, ollama, kubernetes-dashboard-metrics-scraper, flux-helm-controller,...

GHSA-2JWV-JMQ4-4J3R vulnerabilities

Vulnerabilities for packages: containerd, crossplane-provider-aws, extism, ferretdb, osv-scanner, harbor-registry, regclient, wave, secrets-store-csi-driver-provider-gcp, kubernetes-csi-livenessprobe, flux-kustomize-controller, hey, docker-credential-acr-env, go-licenses, prometheus-nats-exporter,....

GHSA-9763-4F94-GFCH vulnerabilities

Vulnerabilities for packages: crossplane-provider-aws, pulumi-kubernetes-operator, aactl, cosign, goreleaser, apko, flux-kustomize-controller, vault, kubescape, kubevela, zarf, kaniko, zot, keda, scorecard, tekton-chains, grafana, pulumi-language-java, slsa-verifier, melange, gitsign,...

GHSA-3Q2C-PVP5-3CQP vulnerabilities

Vulnerabilities for packages: nats, ferretdb, logstash-exporter, regclient, vexctl, goreleaser, k8ssandra-operator, secrets-store-csi-driver-provider-gcp, tflint, loki, prometheus-pushgateway, supercronic, kubernetes-csi-livenessprobe, hey, up, docker-credential-acr-env, go-licenses, gobuster,...

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: nats, ferretdb, logstash-exporter, regclient, vexctl, goreleaser, k8ssandra-operator, secrets-store-csi-driver-provider-gcp, tflint, loki, prometheus-pushgateway, supercronic, kubernetes-csi-livenessprobe, hey, up, docker-credential-acr-env, go-licenses, gobuster,...

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: nats, ferretdb, logstash-exporter, regclient, vexctl, goreleaser, k8ssandra-operator, secrets-store-csi-driver-provider-gcp, tflint, loki, prometheus-pushgateway, supercronic, kubernetes-csi-livenessprobe, hey, up, docker-credential-acr-env, go-licenses, gobuster,...

GHSA-45X7-PX36-X8W8 vulnerabilities

Vulnerabilities for packages: containerd, crossplane-provider-aws, ferretdb, nats, loki, up, apko, flux-kustomize-controller, docker-credential-acr-env, go-licenses, gobuster, kubeflow-katib, prometheus-nats-exporter, vault, cloud-sql-proxy, eksctl, kots, wireguard-go, flux-source-controller,...

GHSA-32CH-6X54-Q4H9 vulnerabilities

Vulnerabilities for packages: nats, ferretdb, logstash-exporter, regclient, vexctl, goreleaser, k8ssandra-operator, secrets-store-csi-driver-provider-gcp, tflint, loki, prometheus-pushgateway, supercronic, kubernetes-csi-livenessprobe, hey, up, docker-credential-acr-env, go-licenses, gobuster,...

CVE-2024-24783 vulnerabilities

Vulnerabilities for packages: nats, ferretdb, logstash-exporter, regclient, vexctl, goreleaser, k8ssandra-operator, secrets-store-csi-driver-provider-gcp, tflint, loki, prometheus-pushgateway, supercronic, kubernetes-csi-livenessprobe, hey, up, docker-credential-acr-env, go-licenses, gobuster,...

CVE-2024-24785 vulnerabilities

Vulnerabilities for packages: nats, ferretdb, logstash-exporter, regclient, vexctl, goreleaser, k8ssandra-operator, secrets-store-csi-driver-provider-gcp, tflint, loki, prometheus-pushgateway, supercronic, kubernetes-csi-livenessprobe, hey, up, docker-credential-acr-env, go-licenses, gobuster,...

CVE-2024-24788 vulnerabilities

Vulnerabilities for packages: containerd, crossplane-provider-aws, extism, ferretdb, osv-scanner, harbor-registry, regclient, wave, secrets-store-csi-driver-provider-gcp, kubernetes-csi-livenessprobe, flux-kustomize-controller, hey, docker-credential-acr-env, go-licenses, prometheus-nats-exporter,....

CVE-2023-45290 vulnerabilities

Vulnerabilities for packages: nats, ferretdb, logstash-exporter, regclient, vexctl, goreleaser, k8ssandra-operator, secrets-store-csi-driver-provider-gcp, tflint, loki, prometheus-pushgateway, supercronic, kubernetes-csi-livenessprobe, hey, up, docker-credential-acr-env, go-licenses, gobuster,...

peham.dev Cross Site Scripting vulnerability OBB-3928736

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

CVE-2024-5114 Campcodes Complete Web-Based School Management System teacher_attendance_history1.php sql injection

A vulnerability classified as critical has been found in Campcodes Complete Web-Based School Management System 1.0. Affected is an unknown function of the file /view/teacher_attendance_history1.php. The manipulation of the argument index leads to sql injection. It is possible to launch the attack.....

olocarrosserie.be Cross Site Scripting vulnerability OBB-3928729

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

ogcrafts.com Cross Site Scripting vulnerability OBB-3928727

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

nutribiostore.es Cross Site Scripting vulnerability OBB-3928725

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

noveltystreet.com Cross Site Scripting vulnerability OBB-3928723

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

noahossanna.com Cross Site Scripting vulnerability OBB-3928722

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

nightskygazing.com Cross Site Scripting vulnerability OBB-3928721

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

news.green-flower.com Cross Site Scripting vulnerability OBB-3928719

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

musicinsidermagazine.com Cross Site Scripting vulnerability OBB-3928715

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

moodsfloor.com Cross Site Scripting vulnerability OBB-3928713

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

monindien.com Cross Site Scripting vulnerability OBB-3928712

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

CVE-2024-5113 Campcodes Complete Web-Based School Management System student_profile1.php sql injection

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /view/student_profile1.php. The manipulation of the argument std_index leads to sql injection. The attack may be initiated...

Exploit for CVE-2024-3435

This is a Next.js project bootstrapped...

CVE-2024-5110

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /view/student_payment_invoice.php. The manipulation of the argument index leads to sql injection. The attack may be...

CVE-2024-5111

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been classified as critical. This affects an unknown part of the file /view/student_payment_invoice1.php. The manipulation of the argument date leads to sql injection. It is possible to initiate the...

CVE-2024-5112

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /view/student_profile.php. The manipulation of the argument std_index leads to sql injection. The attack can be initiated...

CVE-2024-5112 Campcodes Complete Web-Based School Management System student_profile.php sql injection

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /view/student_profile.php. The manipulation of the argument std_index leads to sql injection. The attack can be initiated...

CVE-2024-5111 Campcodes Complete Web-Based School Management System student_payment_invoice1.php sql injection

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been classified as critical. This affects an unknown part of the file /view/student_payment_invoice1.php. The manipulation of the argument date leads to sql injection. It is possible to initiate the...

CVE-2024-5109

A vulnerability has been found in Campcodes Complete Web-Based School Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /view/student_payment_history.php. The manipulation of the argument index leads to sql injection. The...

(RHSA-2024:2910) Important: nodejs security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix(es): nodejs: CONTINUATION frames DoS (CVE-2024-27983) nodejs: using the fetch() function to retrieve content from an untrusted URL leads to...

(RHSA-2024:2907) Moderate: httpd:2.4 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix(es): mod_http2: httpd: CONTINUATION frames DoS (CVE-2024-27316) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related...

(RHSA-2024:2906) Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.11.0 ESR. Security Fix(es): firefox: Arbitrary JavaScript execution in PDF.js (CVE-2024-4367) firefox: IndexedDB files retained in private...

(RHSA-2024:2905) Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.11.0. Security Fix(es): firefox: Arbitrary JavaScript execution in PDF.js (CVE-2024-4367) firefox: IndexedDB files retained in private browsing mode (CVE-2024-4767) firefox:...

(RHSA-2024:2904) Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.11.0. Security Fix(es): firefox: Arbitrary JavaScript execution in PDF.js (CVE-2024-4367) firefox: IndexedDB files retained in private browsing mode (CVE-2024-4767) firefox:...

(RHSA-2024:2903) Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.11.0. Security Fix(es): firefox: Arbitrary JavaScript execution in PDF.js (CVE-2024-4367) firefox: IndexedDB files retained in private browsing mode (CVE-2024-4767) firefox:...

CVE-2024-5110 Campcodes Complete Web-Based School Management System student_payment_invoice.php sql injection

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /view/student_payment_invoice.php. The manipulation of the argument index leads to sql injection. The attack may be...