Flexi – Guest Submit Security Vulnerabilities
A vulnerability classified as problematic was found in Kashipara College Management System 1.0. This vulnerability affects unknown code of the file submit_extracurricular_activity.php. The manipulation of the argument activity_contact leads to cross site scripting. The attack can be initiated...
3.5CVSS
3.9AI Score
0.0004EPSS
A vulnerability classified as problematic was found in Kashipara College Management System 1.0. This vulnerability affects unknown code of the file submit_extracurricular_activity.php. The manipulation of the argument activity_contact leads to cross site scripting. The attack can be initiated...
3.5CVSS
6.3AI Score
0.0004EPSS
CVE-2024-5373 Kashipara College Management System submit_login.php cross site scripting
A vulnerability, which was classified as problematic, has been found in Kashipara College Management System 1.0. This issue affects some unknown processing of the file submit_login.php. The manipulation of the argument usertype leads to cross site scripting. The attack may be initiated remotely....
3.5CVSS
6.2AI Score
0.0004EPSS
CVE-2024-5373 Kashipara College Management System submit_login.php cross site scripting
A vulnerability, which was classified as problematic, has been found in Kashipara College Management System 1.0. This issue affects some unknown processing of the file submit_login.php. The manipulation of the argument usertype leads to cross site scripting. The attack may be initiated remotely....
3.5CVSS
3.8AI Score
0.0004EPSS
A vulnerability classified as problematic was found in Kashipara College Management System 1.0. This vulnerability affects unknown code of the file submit_extracurricular_activity.php. The manipulation of the argument activity_contact leads to cross site scripting. The attack can be initiated...
3.5CVSS
3.9AI Score
0.0004EPSS
A vulnerability was found in Kashipara College Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file submit_enroll_staff.php. The manipulation of the argument class_name leads to cross site scripting. The attack may be launched...
3.5CVSS
3.7AI Score
0.0004EPSS
A vulnerability classified as problematic has been found in Kashipara College Management System 1.0. This affects an unknown part of the file submit_enroll_student.php. The manipulation of the argument class_name leads to cross site scripting. It is possible to initiate the attack remotely. The...
3.5CVSS
3.7AI Score
0.0004EPSS
A vulnerability classified as problematic has been found in Kashipara College Management System 1.0. This affects an unknown part of the file submit_enroll_student.php. The manipulation of the argument class_name leads to cross site scripting. It is possible to initiate the attack remotely. The...
3.5CVSS
6.2AI Score
0.0004EPSS
A vulnerability was found in Kashipara College Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file submit_enroll_staff.php. The manipulation of the argument class_name leads to cross site scripting. The attack may be launched...
3.5CVSS
6.2AI Score
0.0004EPSS
CVE-2024-5371 Kashipara College Management System submit_enroll_student.php cross site scripting
A vulnerability classified as problematic has been found in Kashipara College Management System 1.0. This affects an unknown part of the file submit_enroll_student.php. The manipulation of the argument class_name leads to cross site scripting. It is possible to initiate the attack remotely. The...
3.5CVSS
3.7AI Score
0.0004EPSS
CVE-2024-5371 Kashipara College Management System submit_enroll_student.php cross site scripting
A vulnerability classified as problematic has been found in Kashipara College Management System 1.0. This affects an unknown part of the file submit_enroll_student.php. The manipulation of the argument class_name leads to cross site scripting. It is possible to initiate the attack remotely. The...
3.5CVSS
6.2AI Score
0.0004EPSS
CVE-2024-5370 Kashipara College Management System submit_enroll_staff.php cross site scripting
A vulnerability was found in Kashipara College Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file submit_enroll_staff.php. The manipulation of the argument class_name leads to cross site scripting. The attack may be launched...
3.5CVSS
6.2AI Score
0.0004EPSS
CVE-2024-5370 Kashipara College Management System submit_enroll_staff.php cross site scripting
A vulnerability was found in Kashipara College Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file submit_enroll_staff.php. The manipulation of the argument class_name leads to cross site scripting. The attack may be launched...
3.5CVSS
3.7AI Score
0.0004EPSS
A vulnerability was found in Kashipara College Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file submit_admin.php. The manipulation of the argument admin_name leads to cross site scripting. The attack can be launched.....
3.5CVSS
6.2AI Score
0.0004EPSS
A vulnerability was found in Kashipara College Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file submit_admin.php. The manipulation of the argument admin_name leads to cross site scripting. The attack can be launched.....
3.5CVSS
3.8AI Score
0.0004EPSS
CVE-2024-5369 Kashipara College Management System submit_admin.php cross site scripting
A vulnerability was found in Kashipara College Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file submit_admin.php. The manipulation of the argument admin_name leads to cross site scripting. The attack can be launched.....
3.5CVSS
3.8AI Score
0.0004EPSS
CVE-2024-5369 Kashipara College Management System submit_admin.php cross site scripting
A vulnerability was found in Kashipara College Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file submit_admin.php. The manipulation of the argument admin_name leads to cross site scripting. The attack can be launched.....
3.5CVSS
6.2AI Score
0.0004EPSS
A vulnerability was found in Kashipara College Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file delete_faculty.php. The manipulation of the argument id leads to cross site scripting. It is possible to launch the attack remotely. The exploit.....
3.5CVSS
6.2AI Score
0.0004EPSS
A vulnerability was found in Kashipara College Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file delete_faculty.php. The manipulation of the argument id leads to cross site scripting. It is possible to launch the attack remotely. The exploit.....
3.5CVSS
3.8AI Score
0.0004EPSS
CVE-2024-5368 Kashipara College Management System delete_faculty.php cross site scripting
A vulnerability was found in Kashipara College Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file delete_faculty.php. The manipulation of the argument id leads to cross site scripting. It is possible to launch the attack remotely. The exploit.....
3.5CVSS
6.2AI Score
0.0004EPSS
CVE-2024-5368 Kashipara College Management System delete_faculty.php cross site scripting
A vulnerability was found in Kashipara College Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file delete_faculty.php. The manipulation of the argument id leads to cross site scripting. It is possible to launch the attack remotely. The exploit.....
3.5CVSS
3.8AI Score
0.0004EPSS
A vulnerability was found in Kashipara College Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file each_extracurricula_activities.php. The manipulation of the argument id leads to cross site scripting. The attack may be initiated remotely....
3.5CVSS
3.8AI Score
0.0004EPSS
A vulnerability was found in Kashipara College Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file each_extracurricula_activities.php. The manipulation of the argument id leads to cross site scripting. The attack may be initiated remotely....
3.5CVSS
6.2AI Score
0.0004EPSS
A vulnerability was found in Kashipara College Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file each_extracurricula_activities.php. The manipulation of the argument id leads to cross site scripting. The attack may be initiated remotely....
3.5CVSS
3.8AI Score
0.0004EPSS
A vulnerability was found in Kashipara College Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file each_extracurricula_activities.php. The manipulation of the argument id leads to cross site scripting. The attack may be initiated remotely....
3.5CVSS
6.2AI Score
0.0004EPSS
A vulnerability has been found in SourceCodester Best House Rental Management System up to 1.0 and classified as critical. This vulnerability affects unknown code of the file edit-cate.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The...
6.3CVSS
6.9AI Score
0.0004EPSS
Mattermost versions 9.5.x <= 9.5.3, 9.6.x <= 9.6.1, 8.1.x <= 8.1.12 fail to restrict the audience of the "custom_playbooks_playbook_run_updated" webhook event, which allows a guest on a channel with a playbook run linked to see all the details of the playbook run when the run is marked by....
4.3CVSS
6.7AI Score
0.0004EPSS
Mattermost versions 9.5.x <= 9.5.3, 9.6.x <= 9.6.1, 8.1.x <= 8.1.12 fail to restrict the audience of the "custom_playbooks_playbook_run_updated" webhook event, which allows a guest on a channel with a playbook run linked to see all the details of the playbook run when the run is marked by....
4.3CVSS
4.6AI Score
0.0004EPSS
A vulnerability has been found in SourceCodester Best House Rental Management System up to 1.0 and classified as critical. This vulnerability affects unknown code of the file edit-cate.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The...
6.3CVSS
7.5AI Score
0.0004EPSS
Mattermost versions 9.5.x <= 9.5.3, 9.6.x <= 9.6.1 and 8.1.x <= 8.1.12 fail to perform proper access control which allows a guest to get the metadata of a public playbook run that linked to the channel they are guest via sending an RHSRuns GraphQL query request to the...
4.3CVSS
4.6AI Score
0.0004EPSS
Mattermost versions 9.5.x <= 9.5.3, 9.6.x <= 9.6.1 and 8.1.x <= 8.1.12 fail to perform proper access control which allows a guest to get the metadata of a public playbook run that linked to the channel they are guest via sending an RHSRuns GraphQL query request to the...
4.3CVSS
6.8AI Score
0.0004EPSS
CVE-2024-5366 SourceCodester Best House Rental Management System edit-cate.php sql injection
A vulnerability has been found in SourceCodester Best House Rental Management System up to 1.0 and classified as critical. This vulnerability affects unknown code of the file edit-cate.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The...
6.3CVSS
6.9AI Score
0.0004EPSS
CVE-2024-5366 SourceCodester Best House Rental Management System edit-cate.php sql injection
A vulnerability has been found in SourceCodester Best House Rental Management System up to 1.0 and classified as critical. This vulnerability affects unknown code of the file edit-cate.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The...
6.3CVSS
7.5AI Score
0.0004EPSS
CVE-2024-5272 Run Details leak to guest via webhook event "custom_playbooks_playbook_run_updated"
Mattermost versions 9.5.x <= 9.5.3, 9.6.x <= 9.6.1, 8.1.x <= 8.1.12 fail to restrict the audience of the "custom_playbooks_playbook_run_updated" webhook event, which allows a guest on a channel with a playbook run linked to see all the details of the playbook run when the run is marked by....
4.3CVSS
4.6AI Score
0.0004EPSS
CVE-2024-5272 Run Details leak to guest via webhook event "custom_playbooks_playbook_run_updated"
Mattermost versions 9.5.x <= 9.5.3, 9.6.x <= 9.6.1, 8.1.x <= 8.1.12 fail to restrict the audience of the "custom_playbooks_playbook_run_updated" webhook event, which allows a guest on a channel with a playbook run linked to see all the details of the playbook run when the run is marked by....
4.3CVSS
6.8AI Score
0.0004EPSS
CVE-2024-34152 Playbook Run Metadata leak to Guest
Mattermost versions 9.5.x <= 9.5.3, 9.6.x <= 9.6.1 and 8.1.x <= 8.1.12 fail to perform proper access control which allows a guest to get the metadata of a public playbook run that linked to the channel they are guest via sending an RHSRuns GraphQL query request to the...
4.3CVSS
4.6AI Score
0.0004EPSS
A vulnerability, which was classified as critical, was found in SourceCodester Best House Rental Management System up to 1.0. This affects an unknown part of the file manage_payment.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The....
6.3CVSS
6.8AI Score
0.0004EPSS
A vulnerability, which was classified as critical, was found in SourceCodester Best House Rental Management System up to 1.0. This affects an unknown part of the file manage_payment.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The....
6.3CVSS
7.3AI Score
0.0004EPSS
A vulnerability, which was classified as critical, has been found in SourceCodester Best House Rental Management System up to 1.0. Affected by this issue is some unknown functionality of the file manage_tenant.php. The manipulation of the argument id leads to sql injection. The attack may be...
6.3CVSS
6.8AI Score
0.0004EPSS
A vulnerability, which was classified as critical, has been found in SourceCodester Best House Rental Management System up to 1.0. Affected by this issue is some unknown functionality of the file manage_tenant.php. The manipulation of the argument id leads to sql injection. The attack may be...
6.3CVSS
7.3AI Score
0.0004EPSS
CVE-2024-5365 SourceCodester Best House Rental Management System manage_payment.php sql injection
A vulnerability, which was classified as critical, was found in SourceCodester Best House Rental Management System up to 1.0. This affects an unknown part of the file manage_payment.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The....
6.3CVSS
7.3AI Score
0.0004EPSS
CVE-2024-5365 SourceCodester Best House Rental Management System manage_payment.php sql injection
A vulnerability, which was classified as critical, was found in SourceCodester Best House Rental Management System up to 1.0. This affects an unknown part of the file manage_payment.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The....
6.3CVSS
6.8AI Score
0.0004EPSS
CVE-2024-5364 SourceCodester Best House Rental Management System manage_tenant.php sql injection
A vulnerability, which was classified as critical, has been found in SourceCodester Best House Rental Management System up to 1.0. Affected by this issue is some unknown functionality of the file manage_tenant.php. The manipulation of the argument id leads to sql injection. The attack may be...
6.3CVSS
6.8AI Score
0.0004EPSS
CVE-2024-5364 SourceCodester Best House Rental Management System manage_tenant.php sql injection
A vulnerability, which was classified as critical, has been found in SourceCodester Best House Rental Management System up to 1.0. Affected by this issue is some unknown functionality of the file manage_tenant.php. The manipulation of the argument id leads to sql injection. The attack may be...
6.3CVSS
7.3AI Score
0.0004EPSS
A vulnerability classified as critical has been found in SourceCodester Online Hospital Management System 1.0. Affected is an unknown function of the file departmentDoctor.php. The manipulation of the argument deptid leads to sql injection. It is possible to launch the attack remotely. The exploit....
7.3CVSS
7.6AI Score
0.0004EPSS
A vulnerability classified as critical was found in SourceCodester Best House Rental Management System up to 1.0. Affected by this vulnerability is an unknown functionality of the file manage_user.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely.....
6.3CVSS
6.9AI Score
0.0004EPSS
A vulnerability classified as critical has been found in SourceCodester Online Hospital Management System 1.0. Affected is an unknown function of the file departmentDoctor.php. The manipulation of the argument deptid leads to sql injection. It is possible to launch the attack remotely. The exploit....
7.3CVSS
7.4AI Score
0.0004EPSS
A vulnerability classified as critical was found in SourceCodester Best House Rental Management System up to 1.0. Affected by this vulnerability is an unknown functionality of the file manage_user.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely.....
6.3CVSS
7.4AI Score
0.0004EPSS
CVE-2024-5363 SourceCodester Best House Rental Management System manage_user.php sql injection
A vulnerability classified as critical was found in SourceCodester Best House Rental Management System up to 1.0. Affected by this vulnerability is an unknown functionality of the file manage_user.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely.....
6.3CVSS
6.9AI Score
0.0004EPSS
CVE-2024-5363 SourceCodester Best House Rental Management System manage_user.php sql injection
A vulnerability classified as critical was found in SourceCodester Best House Rental Management System up to 1.0. Affected by this vulnerability is an unknown functionality of the file manage_user.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely.....
6.3CVSS
7.5AI Score
0.0004EPSS