Flexi – Guest Submit Security Vulnerabilities

cvelist

CVE-2024-5238 Campcodes Complete Web-Based School Management System timetable_insert_form.php sql injection

A vulnerability, which was classified as critical, was found in Campcodes Complete Web-Based School Management System 1.0. This affects an unknown part of the file /view/timetable_insert_form.php. The manipulation of the argument grade leads to sql injection. It is possible to initiate the attack.....

6.3 CVSS

6.8 AI Score

0.0004 EPSS

2024-05-23 05:31 AM

cvelist

CVE-2024-5237 Campcodes Complete Web-Based School Management System timetable_grade_wise.php sql injection

A vulnerability, which was classified as critical, has been found in Campcodes Complete Web-Based School Management System 1.0. Affected by this issue is some unknown functionality of the file /view/timetable_grade_wise.php. The manipulation of the argument grade leads to sql injection. The attack....

6.3 CVSS

6.8 AI Score

0.0004 EPSS

2024-05-23 05:31 AM

cve

CVE-2024-5236

A vulnerability classified as critical was found in Campcodes Complete Web-Based School Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /view/teacher_salary_invoice1.php. The manipulation of the argument date leads to sql injection. The attack can be...

6.3 CVSS

7.4 AI Score

0.0004 EPSS

2024-05-23 05:15 AM

nvd

CVE-2024-5236

A vulnerability classified as critical was found in Campcodes Complete Web-Based School Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /view/teacher_salary_invoice1.php. The manipulation of the argument date leads to sql injection. The attack can be...

6.3 CVSS

6.9 AI Score

0.0004 EPSS

2024-05-23 05:15 AM

cve

CVE-2024-5233

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /view/teacher_salary_details3.php. The manipulation of the argument index leads to sql injection. The attack can be...

6.3 CVSS

7.5 AI Score

0.0004 EPSS

2024-05-23 05:15 AM

cve

CVE-2024-5235

A vulnerability classified as critical has been found in Campcodes Complete Web-Based School Management System 1.0. Affected is an unknown function of the file /view/teacher_salary_invoice.php. The manipulation of the argument teacher_id leads to sql injection. It is possible to launch the attack.....

6.3 CVSS

7.4 AI Score

0.0004 EPSS

2024-05-23 05:15 AM

nvd

CVE-2024-5235

A vulnerability classified as critical has been found in Campcodes Complete Web-Based School Management System 1.0. Affected is an unknown function of the file /view/teacher_salary_invoice.php. The manipulation of the argument teacher_id leads to sql injection. It is possible to launch the attack.....

6.3 CVSS

6.8 AI Score

0.0004 EPSS

2024-05-23 05:15 AM

nvd

CVE-2024-5233

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /view/teacher_salary_details3.php. The manipulation of the argument index leads to sql injection. The attack can be...

6.3 CVSS

6.9 AI Score

0.0004 EPSS

2024-05-23 05:15 AM

nvd

CVE-2024-5234

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /view/teacher_salary_history1.php. The manipulation of the argument index leads to sql injection. The attack may be...

6.3 CVSS

6.8 AI Score

0.0004 EPSS

2024-05-23 05:15 AM

cve

CVE-2024-5234

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /view/teacher_salary_history1.php. The manipulation of the argument index leads to sql injection. The attack may be...

6.3 CVSS

7.3 AI Score

0.0004 EPSS

2024-05-23 05:15 AM

cvelist

CVE-2024-5236 Campcodes Complete Web-Based School Management System teacher_salary_invoice1.php sql injection

A vulnerability classified as critical was found in Campcodes Complete Web-Based School Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /view/teacher_salary_invoice1.php. The manipulation of the argument date leads to sql injection. The attack can be...

6.3 CVSS

6.9 AI Score

0.0004 EPSS

2024-05-23 05:00 AM

cvelist

CVE-2024-5235 Campcodes Complete Web-Based School Management System teacher_salary_invoice.php sql injection

A vulnerability classified as critical has been found in Campcodes Complete Web-Based School Management System 1.0. Affected is an unknown function of the file /view/teacher_salary_invoice.php. The manipulation of the argument teacher_id leads to sql injection. It is possible to launch the attack.....

6.3 CVSS

6.8 AI Score

0.0004 EPSS

2024-05-23 05:00 AM

cvelist

CVE-2024-5234 Campcodes Complete Web-Based School Management System teacher_salary_history1.php sql injection

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /view/teacher_salary_history1.php. The manipulation of the argument index leads to sql injection. The attack may be...

6.3 CVSS

6.8 AI Score

0.0004 EPSS

2024-05-23 04:31 AM

cvelist

CVE-2024-5233 Campcodes Complete Web-Based School Management System teacher_salary_details3.php sql injection

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /view/teacher_salary_details3.php. The manipulation of the argument index leads to sql injection. The attack can be...

6.3 CVSS

6.9 AI Score

0.0004 EPSS

2024-05-23 04:31 AM

nvd

CVE-2024-5232

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been classified as critical. This affects an unknown part of the file /view/teacher_salary_details2.php. The manipulation of the argument index leads to sql injection. It is possible to initiate the...

6.3 CVSS

6.8 AI Score

0.0004 EPSS

2024-05-23 04:15 AM

cve

CVE-2024-5232

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been classified as critical. This affects an unknown part of the file /view/teacher_salary_details2.php. The manipulation of the argument index leads to sql injection. It is possible to initiate the...

6.3 CVSS

7.3 AI Score

0.0004 EPSS

2024-05-23 04:15 AM

nuclei

QloApps 1.6.0 - SQL Injection

An unauthenticated Time-Based SQL injection found in Webkul QloApps 1.6.0 via GET parameters date_from, date_to, and id_product allows a remote attacker to retrieve the contents of an entire...

7.5 CVSS

7.9 AI Score

0.007 EPSS

2024-05-23 04:09 AM

cvelist

CVE-2024-5232 Campcodes Complete Web-Based School Management System teacher_salary_details2.php sql injection

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been classified as critical. This affects an unknown part of the file /view/teacher_salary_details2.php. The manipulation of the argument index leads to sql injection. It is possible to initiate the...

6.3 CVSS

6.8 AI Score

0.0004 EPSS

2024-05-23 03:31 AM

vulnrichment

CVE-2024-5232 Campcodes Complete Web-Based School Management System teacher_salary_details2.php sql injection

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been classified as critical. This affects an unknown part of the file /view/teacher_salary_details2.php. The manipulation of the argument index leads to sql injection. It is possible to initiate the...

6.3 CVSS

7.3 AI Score

0.0004 EPSS

2024-05-23 03:31 AM

nvd

CVE-2024-5231

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /view/teacher_salary_details.php. The manipulation of the argument index leads to sql injection. The attack may be...

6.3 CVSS

6.8 AI Score

0.0004 EPSS

2024-05-23 03:15 AM

cve

CVE-2024-5231

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /view/teacher_salary_details.php. The manipulation of the argument index leads to sql injection. The attack may be...

6.3 CVSS

7.3 AI Score

0.0004 EPSS

2024-05-23 03:15 AM

cvelist

CVE-2024-5231 Campcodes Complete Web-Based School Management System teacher_salary_details.php sql injection

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /view/teacher_salary_details.php. The manipulation of the argument index leads to sql injection. The attack may be...

6.3 CVSS

6.8 AI Score

0.0004 EPSS

2024-05-23 03:00 AM

cve

CVE-2024-5230

A vulnerability has been found in EnvaySoft FleetCart up to 4.1.1 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument razorpayKeyId leads to information disclosure. The attack can be launched remotely. It is recommended to...

5.3 CVSS

6.4 AI Score

0.001 EPSS

2024-05-23 02:15 AM

nvd

CVE-2024-5230

A vulnerability has been found in EnvaySoft FleetCart up to 4.1.1 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument razorpayKeyId leads to information disclosure. The attack can be launched remotely. It is recommended to...

5.3 CVSS

5.1 AI Score

0.001 EPSS

2024-05-23 02:15 AM

vulnrichment

CVE-2024-5230 EnvaySoft FleetCart information disclosure

A vulnerability has been found in EnvaySoft FleetCart up to 4.1.1 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument razorpayKeyId leads to information disclosure. The attack can be launched remotely. It is recommended to...

5.3 CVSS

6.5 AI Score

0.001 EPSS

2024-05-23 02:00 AM

cvelist

CVE-2024-5230 EnvaySoft FleetCart information disclosure

A vulnerability has been found in EnvaySoft FleetCart up to 4.1.1 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument razorpayKeyId leads to information disclosure. The attack can be launched remotely. It is recommended to...

5.3 CVSS

5.1 AI Score

0.001 EPSS

2024-05-23 02:00 AM

openvas

VMware Workstation Multiple Vulnerabilities (VMSA_2024_0010) - Linux

VMware Workstation is prone to multiple ...

9.3 CVSS

7.3 AI Score

0.001 EPSS

2024-05-23 12:00 AM

nessus

RHEL 8 : virt:rhel and virt-devel:rhel (RHSA-2024:3253)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3253 advisory. Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains...

6.2 CVSS

6.7 AI Score

0.001 EPSS

2024-05-23 12:00 AM

openvas

VMware Workstation Multiple Vulnerabilities (VMSA_2024_0010) - Windows

VMware Workstation is prone to multiple ...

9.3 CVSS

7.3 AI Score

0.001 EPSS

2024-05-23 12:00 AM

oraclelinux

kernel security, bug fix, and enhancement update

[4.18.0-553.OL8] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with...

9.8 CVSS

8 AI Score

EPSS

2024-05-23 12:00 AM

wpexploit

Search & Replace < 3.2.2 - Admin+ SQL injection

Description The plugin does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks (such as within a multi-site...

7.5 AI Score

0.0004 EPSS

2024-05-23 12:00 AM

oraclelinux

edk2 security update

[20220126gitbb1bba3d77-13] - edk2-EmbeddedPkg-Hob-Integer-Overflow-in-CreateHob.patch [RHEL-21158] - edk2-StandaloneMmPkg-Hob-Integer-Overflow-in-CreateHob.patch [RHEL-21158] - Resolves: RHEL-21158 (CVE-2022-36765 edk2: integer overflow in CreateHob() could lead to HOB OOB R/W [rhel-8])...

8.8 CVSS

7.5 AI Score

0.006 EPSS

2024-05-23 12:00 AM

wpvulndb

Search & Replace < 3.2.2 - Admin+ SQL injection

Description The plugin does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks (such as within a multi-site network). PoC 1. Go to the Tools parameter 2. Select Search & Replace 3. Click "Do Search & Replace" 4. Change the...

7.2 AI Score

0.0004 EPSS

2024-05-23 12:00 AM

openvas

VMware Fusion Multiple Vulnerabilities (VMSA_2024_0010) - Mac OS X

VMware Fusion is prone to multiple ...

9.3 CVSS

7.3 AI Score

0.001 EPSS

2024-05-23 12:00 AM

nessus

FreeBSD : Gitlab -- Vulnerabilities (f848ef90-1848-11ef-9850-001b217b3468)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the f848ef90-1848-11ef-9850-001b217b3468 advisory. Gitlab reports: 1-click account takeover via XSS in the code editor in gitlab.com A DOS...

8 CVSS

6.7 AI Score

0.0004 EPSS

2024-05-23 12:00 AM

nessus

RHEL 8 : virt:rhel and virt-devel:rhel (RHSA-2024:2962)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2962 advisory. Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module...

7 CVSS

7.5 AI Score

0.002 EPSS

2024-05-23 12:00 AM

nessus

RHEL 8 : linux-firmware (RHSA-2024:3178)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3178 advisory. The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fix(es): * hw:...

8.2 CVSS

7 AI Score

0.0005 EPSS

2024-05-23 12:00 AM

qualysblog

TotalCloud Insights: Uncovering the Hidden Dangers in Google Cloud Dataproc

Summary The Apache Hadoop Distributed File System (HDFS) can be vulnerable to data compromise when a Compute Engine cluster is in a public-facing virtual private cloud (VPC) or shares the VPC with other Compute Engine instances. Google Cloud Platform (GCP) provides a default VPC called 'default.'.....

8.3 AI Score

2024-05-22 05:53 PM

cve

CVE-2024-5196

A vulnerability classified as critical has been found in Arris VAP2500 08.50. This affects an unknown part of the file /tools_command.php. The manipulation of the argument cmb_header/txt_command leads to command injection. It is possible to initiate the attack remotely. The exploit has been...

4.7 CVSS

7.5 AI Score

0.0004 EPSS

2024-05-22 12:15 PM

nvd

CVE-2024-5196

A vulnerability classified as critical has been found in Arris VAP2500 08.50. This affects an unknown part of the file /tools_command.php. The manipulation of the argument cmb_header/txt_command leads to command injection. It is possible to initiate the attack remotely. The exploit has been...

4.7 CVSS

5.4 AI Score

0.0004 EPSS

2024-05-22 12:15 PM

cvelist

CVE-2024-5196 Arris VAP2500 tools_command.php command injection

A vulnerability classified as critical has been found in Arris VAP2500 08.50. This affects an unknown part of the file /tools_command.php. The manipulation of the argument cmb_header/txt_command leads to command injection. It is possible to initiate the attack remotely. The exploit has been...

4.7 CVSS

5.4 AI Score

0.0004 EPSS

2024-05-22 12:00 PM

nvd

CVE-2024-5195

A vulnerability was found in Arris VAP2500 08.50. It has been rated as critical. Affected by this issue is some unknown functionality of the file /diag_s.php. The manipulation of the argument customer_info leads to command injection. The attack may be launched remotely. The exploit has been...

4.7 CVSS

5.3 AI Score

0.0004 EPSS

2024-05-22 11:15 AM

cve

CVE-2024-5195

A vulnerability was found in Arris VAP2500 08.50. It has been rated as critical. Affected by this issue is some unknown functionality of the file /diag_s.php. The manipulation of the argument customer_info leads to command injection. The attack may be launched remotely. The exploit has been...

4.7 CVSS

7.4 AI Score

0.0004 EPSS

2024-05-22 11:15 AM

nvd

CVE-2024-5194

A vulnerability was found in Arris VAP2500 08.50. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /assoc_table.php. The manipulation of the argument id leads to command injection. The attack can be launched remotely. The exploit has been...

4.7 CVSS

5.4 AI Score

0.0004 EPSS

2024-05-22 11:15 AM

nvd

CVE-2024-5193

A vulnerability was found in Ritlabs TinyWeb Server 1.94. It has been classified as problematic. Affected is an unknown function of the component Request Handler. The manipulation with the input %0D%0A leads to crlf injection. It is possible to launch the attack remotely. The exploit has been...

5.3 CVSS

5.7 AI Score

0.0004 EPSS

2024-05-22 11:15 AM

cve

CVE-2024-5194

A vulnerability was found in Arris VAP2500 08.50. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /assoc_table.php. The manipulation of the argument id leads to command injection. The attack can be launched remotely. The exploit has been...

4.7 CVSS

7.5 AI Score

0.0004 EPSS

2024-05-22 11:15 AM

cve

CVE-2024-5193

A vulnerability was found in Ritlabs TinyWeb Server 1.94. It has been classified as problematic. Affected is an unknown function of the component Request Handler. The manipulation with the input %0D%0A leads to crlf injection. It is possible to launch the attack remotely. The exploit has been...

5.3 CVSS

7.1 AI Score

0.0004 EPSS

2024-05-22 11:15 AM

cvelist

CVE-2024-5195 Arris VAP2500 diag_s.php command injection

A vulnerability was found in Arris VAP2500 08.50. It has been rated as critical. Affected by this issue is some unknown functionality of the file /diag_s.php. The manipulation of the argument customer_info leads to command injection. The attack may be launched remotely. The exploit has been...

4.7 CVSS

5.3 AI Score

0.0004 EPSS

2024-05-22 11:00 AM

cvelist

CVE-2024-5194 Arris VAP2500 assoc_table.php command injection

A vulnerability was found in Arris VAP2500 08.50. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /assoc_table.php. The manipulation of the argument id leads to command injection. The attack can be launched remotely. The exploit has been...

4.7 CVSS

5.4 AI Score

0.0004 EPSS

2024-05-22 11:00 AM

redhat

(RHSA-2024:3253) Moderate: virt:rhel and virt-devel:rhel security update

Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the....

7.3 AI Score

0.001 EPSS

2024-05-22 10:41 AM

Total number of security vulnerabilities: 64402