CVE-2024-3771 PHPGurukul Student Record System edit-subject.php sql injection
A vulnerability was found in PHPGurukul Student Record System 3.20 and classified as critical. Affected by this issue is some unknown functionality of the file /edit-subject.php. The manipulation of the argument sub1/sub2/sub3/sub4/udate leads to sql injection. The attack may be launched remotely.....
CVSS 6.3 | AI Score 7 | EPSS 0.0004
A vulnerability has been found in PHPGurukul Student Record System 3.20 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /manage-courses.php?del=1. The manipulation of the argument del leads to sql injection. The attack can be launched remotely....
CVSS 6.3 | AI Score 7.3 | EPSS 0.0004
A vulnerability has been found in PHPGurukul Student Record System 3.20 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /manage-courses.php?del=1. The manipulation of the argument del leads to sql injection. The attack can be launched remotely....
CVSS 6.3 | AI Score 6.8 | EPSS 0.0004
CVE-2024-3770 PHPGurukul Student Record System sql injection
A vulnerability has been found in PHPGurukul Student Record System 3.20 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /manage-courses.php?del=1. The manipulation of the argument del leads to sql injection. The attack can be launched remotely....
CVSS 6.3 | AI Score 7 | EPSS 0.0004
A vulnerability classified as critical was found in PHPGurukul News Portal 4.1. This vulnerability affects unknown code of the file /admin/edit-post.php. The manipulation of the argument posttitle leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the...
CVSS 6.3 | AI Score 6.9 | EPSS 0.0004
A vulnerability classified as critical was found in PHPGurukul News Portal 4.1. This vulnerability affects unknown code of the file /admin/edit-post.php. The manipulation of the argument posttitle leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the...
CVSS 6.3 | AI Score 7.5 | EPSS 0.0004
A vulnerability, which was classified as critical, has been found in PHPGurukul News Portal 4.1. This issue affects some unknown processing of the file search.php. The manipulation of the argument searchtitle leads to sql injection. The attack may be initiated remotely. The exploit has been...
CVSS 6.3 | AI Score 7.3 | EPSS 0.0004
A vulnerability, which was classified as critical, has been found in PHPGurukul News Portal 4.1. This issue affects some unknown processing of the file search.php. The manipulation of the argument searchtitle leads to sql injection. The attack may be initiated remotely. The exploit has been...
CVSS 6.3 | AI Score 6.8 | EPSS 0.0004
CVE-2024-3768 PHPGurukul News Portal search.php sql injection
A vulnerability, which was classified as critical, has been found in PHPGurukul News Portal 4.1. This issue affects some unknown processing of the file search.php. The manipulation of the argument searchtitle leads to sql injection. The attack may be initiated remotely. The exploit has been...
CVSS 6.3 | AI Score 7.1 | EPSS 0.0004
Exploit for Command Injection in Paloaltonetworks Pan-Os
CVE-2024-3400 Compromise Checker A very simple bash script to...
CVSS 10 | AI Score 9.7 | EPSS 0.957
CVE-2024-3767 PHPGurukul News Portal edit-post.php sql injection
A vulnerability classified as critical was found in PHPGurukul News Portal 4.1. This vulnerability affects unknown code of the file /admin/edit-post.php. The manipulation of the argument posttitle leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the...
CVSS 6.3 | AI Score 7.5 | EPSS 0.0004
CVE-2024-3767 PHPGurukul News Portal edit-post.php sql injection
A vulnerability classified as critical was found in PHPGurukul News Portal 4.1. This vulnerability affects unknown code of the file /admin/edit-post.php. The manipulation of the argument posttitle leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the...
CVSS 6.3 | AI Score 7.2 | EPSS 0.0004
A cross-site scripting (XSS) in Cosmetics and Beauty Product Online Store v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search...
AI Score 6 | EPSS 0.0004
A cross-site scripting (XSS) in Cosmetics and Beauty Product Online Store v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Last Name...
AI Score 6 | EPSS 0.0004
Cross Site Scripting (XSS) in Insurance Management System v1.0, allows remote attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Category Name parameter at...
AI Score 6.3 | EPSS 0.0004
SQL Injection vulnerability in sourcecodester Petrol pump management software v1.0, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via crafted payload to...
AI Score 8.4 | EPSS 0.0004
A Stack Overflow vulnerability in Tenda AC15 v15.03.05.18 allows attackers to cause a denial of service via the LISTEN parameter in the fromDhcpListClient...
AI Score 6.7 | EPSS 0.0004
A cross-site scripting (XSS) in Cosmetics and Beauty Product Online Store v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the First Name...
AI Score 6 | EPSS 0.0004
CVSS 6.8 | AI Score 7.9
EPSS
A cross-site scripting (XSS) in Cosmetics and Beauty Product Online Store v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Product Name...
AI Score 6 | EPSS 0.0004
SQL Injection vulnerability in Sourcecodester php task management system v1.0, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via crafted payload to...
AI Score 8.4 | EPSS 0.0004
A cross-site scripting (XSS) in Cosmetics and Beauty Product Online Store v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search...
AI Score 6.2 | EPSS 0.0004
A vulnerability was found in Emlog Pro 2.2.10. It has been rated as problematic. This issue affects some unknown processing of the file /admin/tag.php of the component Post Tag Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been...
CVSS 2.4 | AI Score 3.3 | EPSS 0.0004
A vulnerability was found in Emlog Pro 2.2.10. It has been rated as problematic. This issue affects some unknown processing of the file /admin/tag.php of the component Post Tag Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been...
CVSS 2.4 | AI Score 6 | EPSS 0.0004
CVE-2024-3763 Emlog Pro Post Tag tag.php cross site scripting
A vulnerability was found in Emlog Pro 2.2.10. It has been rated as problematic. This issue affects some unknown processing of the file /admin/tag.php of the component Post Tag Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been...
CVSS 2.4 | AI Score 3.7 | EPSS 0.0004
CVE-2024-3763 Emlog Pro Post Tag tag.php cross site scripting
A vulnerability was found in Emlog Pro 2.2.10. It has been rated as problematic. This issue affects some unknown processing of the file /admin/tag.php of the component Post Tag Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been...
CVSS 2.4 | AI Score 6 | EPSS 0.0004
[SECURITY] [DSA 5658-1] linux security update
Debian Security Advisory DSA-5658-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 13, 2024 https://www.debian.org/security/faq Package : linux CVE ID : CVE-2023-2176 CVE-2023-6270...
CVSS 8 | AI Score 10
EPSS
Debian dsa-5658 : affs-modules-6.1.0-11-4kc-malta-di - security update
The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5658 advisory. A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup results in...
CVSS 8 | AI Score 7.6
EPSS
Linksys RE7000 v2.0.9, v2.0.11, and v2.0.15 have a command execution vulnerability in the "AccessControlList" parameter of the access control function point. An attacker can use the vulnerability to obtain device administrator...
AI Score 6.9 | EPSS 0.0004
Linksys RE7000 v2.0.9, v2.0.11, and v2.0.15 have a command execution vulnerability in the "AccessControlList" parameter of the access control function point. An attacker can use the vulnerability to obtain device administrator...
AI Score 6.6 | EPSS 0.0004
A vulnerability classified as problematic was found in SourceCodester Warehouse Management System 1.0. This vulnerability affects unknown code of the file pengguna.php. The manipulation of the argument admin_user/admin_nama/admin_alamat/admin_telepon leads to cross site scripting. The attack can...
CVSS 3.5 | AI Score 3.9 | EPSS 0.0004
A vulnerability classified as problematic was found in SourceCodester Warehouse Management System 1.0. This vulnerability affects unknown code of the file pengguna.php. The manipulation of the argument admin_user/admin_nama/admin_alamat/admin_telepon leads to cross site scripting. The attack can...
CVSS 3.5 | AI Score 6.3 | EPSS 0.0004
A vulnerability classified as problematic has been found in SourceCodester Warehouse Management System 1.0. This affects an unknown part of the file customer.php. The manipulation of the argument nama_customer/alamat_customer/notelp_customer leads to cross site scripting. It is possible to...
CVSS 3.5 | AI Score 6.2 | EPSS 0.0004
A vulnerability classified as problematic has been found in SourceCodester Warehouse Management System 1.0. This affects an unknown part of the file customer.php. The manipulation of the argument nama_customer/alamat_customer/notelp_customer leads to cross site scripting. It is possible to...
CVSS 3.5 | AI Score 3.7 | EPSS 0.0004
CVE-2024-3616 SourceCodester Warehouse Management System pengguna.php cross site scripting
A vulnerability classified as problematic was found in SourceCodester Warehouse Management System 1.0. This vulnerability affects unknown code of the file pengguna.php. The manipulation of the argument admin_user/admin_nama/admin_alamat/admin_telepon leads to cross site scripting. The attack can...
CVSS 3.5 | AI Score 4.3 | EPSS 0.0004
CVE-2024-3614 SourceCodester Warehouse Management System customer.php cross site scripting
A vulnerability classified as problematic has been found in SourceCodester Warehouse Management System 1.0. This affects an unknown part of the file customer.php. The manipulation of the argument nama_customer/alamat_customer/notelp_customer leads to cross site scripting. It is possible to...
CVSS 3.5 | AI Score 4.1 | EPSS 0.0004
A vulnerability was found in SourceCodester Warehouse Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file supplier.php. The manipulation of the argument nama_supplier/alamat_supplier/notelp_supplier leads to cross site...
CVSS 3.5 | AI Score 6.2 | EPSS 0.0004
A vulnerability was found in SourceCodester Warehouse Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file supplier.php. The manipulation of the argument nama_supplier/alamat_supplier/notelp_supplier leads to cross site...
CVSS 3.5 | AI Score 3.7 | EPSS 0.0004
CVE-2024-3613 SourceCodester Warehouse Management System supplier.php cross site scripting
A vulnerability was found in SourceCodester Warehouse Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file supplier.php. The manipulation of the argument nama_supplier/alamat_supplier/notelp_supplier leads to cross site...
CVSS 3.5 | AI Score 4.1 | EPSS 0.0004
.NET Core Privilege Escalation Vulnerability (KB5037338)
This host is missing an important security update according to Microsoft...
CVSS 7.3 | AI Score 7.2 | EPSS 0.0004
.NET Core Privilege Escalation Vulnerability (KB5037337)
This host is missing an important security update according to Microsoft...
CVSS 7.3 | AI Score 7.2 | EPSS 0.0004
Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : Apache HTTP Server vulnerabilities (USN-6729-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6729-1 advisory. Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP...
CVSS 7.5 | AI Score 6.8 | EPSS 0.005
Apache HTTP Server vulnerabilities
Releases Ubuntu 23.10 Ubuntu 22.04 LTS Ubuntu 20.04 LTS Packages apache2 - Apache HTTP server Details Orange Tsai discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly use this issue to perform HTTP request splitting attacks....
CVSS 7.5 | AI Score 7.5 | EPSS 0.005
Node.js < 18.20.2, 19.x < 20.12.2, 21.x < 21.7.3 Command Injection Vulnerability - Windows
Node.js is prone to a command injection vulnerability on ...
AI Score 7
EPSS
Fedora 38 : dotnet7.0 (2024-8fd3285bd9)
The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-8fd3285bd9 advisory. This is the March 2024 update for .NET 7. Release Notes: https://github.com/dotnet/core/blob/main/release-notes/7.0/7.0.17/7.0.17.md...
AI Score 7.3
.NET Core Privilege Escalation Vulnerability (KB5037336)
This host is missing an important security update according to Microsoft...
CVSS 7.3 | AI Score 7.2 | EPSS 0.0004
Xpdf is vulnerable to an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIG2Stream.cc), allowing crafted PDF files or JBIG2 images to crash or execute arbitrary...
CVSS 7.8 | AI Score 7.9 | EPSS 0.002
Critical 'BatBadBut' Rust Vulnerability Exposes Windows Systems to Attacks
A critical security flaw in the Rust standard library could be exploited to target Windows users and stage command injection attacks. The vulnerability, tracked as CVE-2024-24576, has a CVSS score of 10.0, indicating maximum severity. That said, it only impacts scenarios where batch files are...
CVSS 10 | AI Score 9.9
EPSS