Lucene search

K

Sermon'e – Sermons Online Security Vulnerabilities

cve
cve

CVE-2024-4918

A vulnerability was found in Campcodes Online Examination System 1.0. It has been classified as critical. This affects an unknown part of the file updateQuestion.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

6.3CVSS

7.3AI Score

0.0004EPSS

2024-05-15 11:15 PM
19
cve
cve

CVE-2024-4917

A vulnerability was found in Campcodes Online Examination System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file submitAnswerExe.php. The manipulation of the argument exmne_id leads to sql injection. The attack may be launched remotely. The exploit.....

6.3CVSS

7.3AI Score

0.0004EPSS

2024-05-15 11:15 PM
20
cve
cve

CVE-2024-4916

A vulnerability has been found in Campcodes Online Examination System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file selExamAttemptExe.php. The manipulation of the argument thisId leads to sql injection. The attack can be launched remotely....

6.3CVSS

7.3AI Score

0.0004EPSS

2024-05-15 11:15 PM
19
nvd
nvd

CVE-2024-4917

A vulnerability was found in Campcodes Online Examination System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file submitAnswerExe.php. The manipulation of the argument exmne_id leads to sql injection. The attack may be launched remotely. The exploit.....

6.3CVSS

6.8AI Score

0.0004EPSS

2024-05-15 11:15 PM
nvd
nvd

CVE-2024-4916

A vulnerability has been found in Campcodes Online Examination System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file selExamAttemptExe.php. The manipulation of the argument thisId leads to sql injection. The attack can be launched remotely....

6.3CVSS

6.8AI Score

0.0004EPSS

2024-05-15 11:15 PM
cvelist
cvelist

CVE-2024-4918 Campcodes Online Examination System updateQuestion.php sql injection

A vulnerability was found in Campcodes Online Examination System 1.0. It has been classified as critical. This affects an unknown part of the file updateQuestion.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

6.3CVSS

7AI Score

0.0004EPSS

2024-05-15 11:00 PM
vulnrichment
vulnrichment

CVE-2024-4917 Campcodes Online Examination System submitAnswerExe.php sql injection

A vulnerability was found in Campcodes Online Examination System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file submitAnswerExe.php. The manipulation of the argument exmne_id leads to sql injection. The attack may be launched remotely. The exploit.....

6.3CVSS

7.3AI Score

0.0004EPSS

2024-05-15 11:00 PM
cvelist
cvelist

CVE-2024-4917 Campcodes Online Examination System submitAnswerExe.php sql injection

A vulnerability was found in Campcodes Online Examination System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file submitAnswerExe.php. The manipulation of the argument exmne_id leads to sql injection. The attack may be launched remotely. The exploit.....

6.3CVSS

7AI Score

0.0004EPSS

2024-05-15 11:00 PM
cvelist
cvelist

CVE-2024-4916 Campcodes Online Examination System selExamAttemptExe.php sql injection

A vulnerability has been found in Campcodes Online Examination System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file selExamAttemptExe.php. The manipulation of the argument thisId leads to sql injection. The attack can be launched remotely....

6.3CVSS

7.1AI Score

0.0004EPSS

2024-05-15 10:31 PM
vulnrichment
vulnrichment

CVE-2024-4916 Campcodes Online Examination System selExamAttemptExe.php sql injection

A vulnerability has been found in Campcodes Online Examination System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file selExamAttemptExe.php. The manipulation of the argument thisId leads to sql injection. The attack can be launched remotely....

6.3CVSS

7.4AI Score

0.0004EPSS

2024-05-15 10:31 PM
cve
cve

CVE-2024-4914

A vulnerability, which was classified as critical, has been found in Campcodes Online Examination System 1.0. This issue affects some unknown processing of the file ranking-exam.php. The manipulation of the argument exam_id leads to sql injection. The attack may be initiated remotely. The exploit.....

6.3CVSS

7.3AI Score

0.0004EPSS

2024-05-15 10:15 PM
19
nvd
nvd

CVE-2024-4915

A vulnerability, which was classified as critical, was found in Campcodes Online Examination System 1.0. Affected is an unknown function of the file result.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed.....

6.3CVSS

6.8AI Score

0.0004EPSS

2024-05-15 10:15 PM
cve
cve

CVE-2024-4915

A vulnerability, which was classified as critical, was found in Campcodes Online Examination System 1.0. Affected is an unknown function of the file result.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed.....

6.3CVSS

7.3AI Score

0.0004EPSS

2024-05-15 10:15 PM
19
nvd
nvd

CVE-2024-4914

A vulnerability, which was classified as critical, has been found in Campcodes Online Examination System 1.0. This issue affects some unknown processing of the file ranking-exam.php. The manipulation of the argument exam_id leads to sql injection. The attack may be initiated remotely. The exploit.....

6.3CVSS

6.8AI Score

0.0004EPSS

2024-05-15 10:15 PM
nvd
nvd

CVE-2024-35184

Paperless-ngx is a document management system that transforms physical documents into a searchable online archive. Starting in version 2.5.0 and prior to version 2.8.6, remote user authentication allows API access even if API access is explicitly disabled. Version 2.8.6 contains a patchc for the...

5.5CVSS

5.5AI Score

0.0004EPSS

2024-05-15 10:15 PM
osv
osv

CVE-2024-35184

Paperless-ngx is a document management system that transforms physical documents into a searchable online archive. Starting in version 2.5.0 and prior to version 2.8.6, remote user authentication allows API access even if API access is explicitly disabled. Version 2.8.6 contains a patchc for the...

5.5CVSS

6.9AI Score

0.0004EPSS

2024-05-15 10:15 PM
3
cve
cve

CVE-2024-35184

Paperless-ngx is a document management system that transforms physical documents into a searchable online archive. Starting in version 2.5.0 and prior to version 2.8.6, remote user authentication allows API access even if API access is explicitly disabled. Version 2.8.6 contains a patchc for the...

5.5CVSS

6.8AI Score

0.0004EPSS

2024-05-15 10:15 PM
20
vulnrichment
vulnrichment

CVE-2024-4915 Campcodes Online Examination System result.php sql injection

A vulnerability, which was classified as critical, was found in Campcodes Online Examination System 1.0. Affected is an unknown function of the file result.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed.....

6.3CVSS

7.4AI Score

0.0004EPSS

2024-05-15 10:00 PM
1
cvelist
cvelist

CVE-2024-4915 Campcodes Online Examination System result.php sql injection

A vulnerability, which was classified as critical, was found in Campcodes Online Examination System 1.0. Affected is an unknown function of the file result.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed.....

6.3CVSS

7.1AI Score

0.0004EPSS

2024-05-15 10:00 PM
cvelist
cvelist

CVE-2024-4914 Campcodes Online Examination System ranking-exam.php sql injection

A vulnerability, which was classified as critical, has been found in Campcodes Online Examination System 1.0. This issue affects some unknown processing of the file ranking-exam.php. The manipulation of the argument exam_id leads to sql injection. The attack may be initiated remotely. The exploit.....

6.3CVSS

7AI Score

0.0004EPSS

2024-05-15 09:31 PM
vulnrichment
vulnrichment

CVE-2024-4914 Campcodes Online Examination System ranking-exam.php sql injection

A vulnerability, which was classified as critical, has been found in Campcodes Online Examination System 1.0. This issue affects some unknown processing of the file ranking-exam.php. The manipulation of the argument exam_id leads to sql injection. The attack may be initiated remotely. The exploit.....

6.3CVSS

7.4AI Score

0.0004EPSS

2024-05-15 09:31 PM
cvelist
cvelist

CVE-2024-35184 paperless-ngx's remote user auth via header works even when disabling it for API

Paperless-ngx is a document management system that transforms physical documents into a searchable online archive. Starting in version 2.5.0 and prior to version 2.8.6, remote user authentication allows API access even if API access is explicitly disabled. Version 2.8.6 contains a patchc for the...

5.5CVSS

5.7AI Score

0.0004EPSS

2024-05-15 09:29 PM
vulnrichment
vulnrichment

CVE-2024-35184 paperless-ngx's remote user auth via header works even when disabling it for API

Paperless-ngx is a document management system that transforms physical documents into a searchable online archive. Starting in version 2.5.0 and prior to version 2.8.6, remote user authentication allows API access even if API access is explicitly disabled. Version 2.8.6 contains a patchc for the...

5.5CVSS

6.9AI Score

0.0004EPSS

2024-05-15 09:29 PM
1
nvd
nvd

CVE-2024-4913

A vulnerability classified as critical was found in Campcodes Online Examination System 1.0. This vulnerability affects unknown code of the file exam.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public.....

6.3CVSS

6.9AI Score

0.0004EPSS

2024-05-15 09:15 PM
cve
cve

CVE-2024-4913

A vulnerability classified as critical was found in Campcodes Online Examination System 1.0. This vulnerability affects unknown code of the file exam.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public.....

6.3CVSS

7.5AI Score

0.0004EPSS

2024-05-15 09:15 PM
19
cve
cve

CVE-2024-4912

A vulnerability classified as critical has been found in Campcodes Online Examination System 1.0. This affects an unknown part of the file addExamExe.php. The manipulation of the argument examTitle leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

6.3CVSS

7.4AI Score

0.0004EPSS

2024-05-15 09:15 PM
20
nvd
nvd

CVE-2024-4912

A vulnerability classified as critical has been found in Campcodes Online Examination System 1.0. This affects an unknown part of the file addExamExe.php. The manipulation of the argument examTitle leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

6.3CVSS

6.8AI Score

0.0004EPSS

2024-05-15 09:15 PM
vulnrichment
vulnrichment

CVE-2024-4913 Campcodes Online Examination System exam.php sql injection

A vulnerability classified as critical was found in Campcodes Online Examination System 1.0. This vulnerability affects unknown code of the file exam.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public.....

6.3CVSS

7.6AI Score

0.0004EPSS

2024-05-15 09:00 PM
1
cvelist
cvelist

CVE-2024-4913 Campcodes Online Examination System exam.php sql injection

A vulnerability classified as critical was found in Campcodes Online Examination System 1.0. This vulnerability affects unknown code of the file exam.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public.....

6.3CVSS

7.2AI Score

0.0004EPSS

2024-05-15 09:00 PM
cvelist
cvelist

CVE-2024-4912 Campcodes Online Examination System addExamExe.php sql injection

A vulnerability classified as critical has been found in Campcodes Online Examination System 1.0. This affects an unknown part of the file addExamExe.php. The manipulation of the argument examTitle leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

6.3CVSS

7.1AI Score

0.0004EPSS

2024-05-15 08:31 PM
vulnrichment
vulnrichment

CVE-2024-4912 Campcodes Online Examination System addExamExe.php sql injection

A vulnerability classified as critical has been found in Campcodes Online Examination System 1.0. This affects an unknown part of the file addExamExe.php. The manipulation of the argument examTitle leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

6.3CVSS

7.4AI Score

0.0004EPSS

2024-05-15 08:31 PM
malwarebytes
malwarebytes

Notorious data leak site BreachForums seized by law enforcement

BreachForums—probably the largest dark web marketplace for stolen data to be leaked and sold—has been seized by law enforcement. Now, both the regular and the TOR domain of BreachForums are plastered with a message telling visitors the site is now under control of the FBI. The FBI said...

7AI Score

2024-05-15 08:30 PM
5
hackread
hackread

Popular Cyber Crime Forum Breach Forums Seized by Police

By Waqas In a major blow to cybercrime, Breach Forums, a notorious online marketplace for stolen data, has been seized by the FBI and Department of Justice (DoJ). This unprecedented takedown includes not just the clear web domain, but also the dark web, escrow sections and Telegram accounts. This.....

7.3AI Score

2024-05-15 04:57 PM
2
nessus
nessus

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6766-2)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6766-2 advisory. In the Linux kernel, the following vulnerability has been resolved: net: prevent mss overflow in skb_segment() Once again syzbot is able...

7.8CVSS

7.5AI Score

EPSS

2024-05-15 12:00 AM
5
nessus
nessus

SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2024:1648-1)

The remote SUSE Linux SLED12 / SLED_SAP12 / SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1648-1 advisory. In the Linux kernel, the following vulnerability has been resolved: netlabel: fix out-of-bounds memory ...

7.8CVSS

7.2AI Score

EPSS

2024-05-15 12:00 AM
14
nessus
nessus

SUSE SLES12 Security Update : kernel (SUSE-SU-2024:1646-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1646-1 advisory. In the Linux kernel, the following vulnerability has been resolved: netlabel: fix out-of-bounds memory accesses There are two array...

7.8CVSS

7.2AI Score

EPSS

2024-05-15 12:00 AM
8
wpvulndb
wpvulndb

Academy LMS < 1.9.26 - Unauthenticated Sensitive Information Exposure

Description The Academy LMS – eLearning and online course solution for WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.9.25. This makes it possible for unauthenticated attackers to extract sensitive user or configuration...

5.3CVSS

6.3AI Score

0.0004EPSS

2024-05-15 12:00 AM
1
nessus
nessus

FreeBSD : dnsdist -- Transfer requests received over DoH can lead to a denial of service (f2d8342f-1134-11ef-8791-6805ca2fa271)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the f2d8342f-1134-11ef-8791-6805ca2fa271 advisory. When incoming DNS over HTTPS support is enabled using the nghttp2 provider, and queries are routed to...

7.5CVSS

7.2AI Score

0.0004EPSS

2024-05-15 12:00 AM
2
nessus
nessus

Security Updates for Microsoft Office Online Server (May 2023)

The Microsoft Office Web Apps installation on the remote host is missing a security update. It is, therefore, affected by the following: Microsoft Excel is affected by a remote code execution vulnerability. (CVE-2024-30042) Note that Nessus has not tested for this issue but has instead relied...

7.8CVSS

7.9AI Score

0.001EPSS

2024-05-15 12:00 AM
4
nessus
nessus

FreeBSD : Intel CPUs -- multiple vulnerabilities (5afd64ae-122a-11ef-8eed-1c697a616631)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 5afd64ae-122a-11ef-8eed-1c697a616631 advisory. Intel reports: Potential security vulnerabilities in some Intel Trust Domain ...

7.9CVSS

7.7AI Score

0.0004EPSS

2024-05-15 12:00 AM
3
wpexploit
wpexploit

BuddyBoss Platform < 2.6.0 - Subscriber+ Comment on Private Post via IDOR

Description The plugin contains an IDOR vulnerability that allows a user to comment on a private post by manipulating the ID included in the...

4.3CVSS

6.6AI Score

0.0004EPSS

2024-05-15 12:00 AM
15
wpvulndb
wpvulndb

Tutor LMS – eLearning and online course solution < 2.7.1 - Authenticated (Instructor+) Insecure Direct Object Reference to Arbitrary Course Deletion

Description The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Insecure Direct Object Reference to Arbitrary Course Deletion in versions up to, and including, 2.7.0 via the 'tutor_course_delete' function due to missing validation on a user controlled key....

6.5CVSS

6.6AI Score

0.001EPSS

2024-05-15 12:00 AM
3
nessus
nessus

FreeBSD : qt6-base (core module) -- Invalid pointer in QStringConverter (e79cc4e2-12d7-11ef-83d8-4ccc6adda413)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the e79cc4e2-12d7-11ef-83d8-4ccc6adda413 advisory. Andy Shaw reports: QStringConverter has an invalid pointer being passed as a callback ...

7.2AI Score

EPSS

2024-05-15 12:00 AM
wpvulndb
wpvulndb

BuddyBoss Platform < 2.6.0 - Subscriber+ Comment on Private Post via IDOR

Description The plugin contains an IDOR vulnerability that allows a user to comment on a private post by manipulating the ID included in the request PoC POST /wp-admin/admin-ajax.php HTTP/2 Host: online-communities.demos.buddyboss.com Cookie:...

4.3CVSS

6.3AI Score

0.0004EPSS

2024-05-15 12:00 AM
1
nessus
nessus

FreeBSD : qt6-webengine -- Multiple vulnerabilities (c6f03ea6-12de-11ef-83d8-4ccc6adda413)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the c6f03ea6-12de-11ef-83d8-4ccc6adda413 advisory. Object lifecycle issue in V8 in Google Chrome prior to 123.0.6312.58 allowed a remote...

9.6CVSS

8.9AI Score

0.001EPSS

2024-05-15 12:00 AM
1
nessus
nessus

SUSE SLES12 Security Update : kernel (SUSE-SU-2024:1643-1)

The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1643-1 advisory. In the Linux kernel, the following vulnerability has been resolved: netlabel: fix out-of-bounds memory accesses There are two...

7.8CVSS

7.2AI Score

EPSS

2024-05-15 12:00 AM
10
cve
cve

CVE-2024-30042

Microsoft Excel Remote Code Execution...

7.8CVSS

7AI Score

0.001EPSS

2024-05-14 05:17 PM
52
cve
cve

CVE-2024-3579

Open-source project Online Shopping System Advanced is vulnerable to Reflected Cross-Site Scripting (XSS). An attacker might trick somebody into using a crafted URL, which will cause a script to be run in user's...

6.2AI Score

0.0004EPSS

2024-05-14 04:17 PM
23
nvd
nvd

CVE-2024-3579

Open-source project Online Shopping System Advanced is vulnerable to Reflected Cross-Site Scripting (XSS). An attacker might trick somebody into using a crafted URL, which will cause a script to be run in user's...

5.9AI Score

0.0004EPSS

2024-05-14 04:17 PM
cve
cve

CVE-2024-4820

A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /classes/SystemSettings.php?f=update_settings. The manipulation leads to unrestricted upload. The attack can be....

6.3CVSS

6.8AI Score

0.0004EPSS

2024-05-14 03:45 PM
23
Total number of security vulnerabilities42530