44 matches found

RedhatCVE
added 2025/07/24 1:30 p.m., 5 views

CVE-2015-10140

The Ajax Load More plugin before 2.8.1.2 does not have authorisation in some of its AJAX actions, allowing any authenticated users, such as subscriber, to upload and delete arbitrary files...

8.8 CVSS, 6.5 AI score, 0.73866 EPSS
Exploits: 1, References: 1
Cvelist
added 2025/07/22 1:20 p.m., 7 views

CVE-2015-10140 Ajax Load More < 2.8.1.2 - Subscriber+ File Upload & Deletion

The Ajax Load More plugin before 2.8.1.2 does not have authorisation in some of its AJAX actions, allowing any authenticated users, such as subscriber, to upload and delete arbitrary files...

0.73866 EPSS
Exploits: 1, References: 1
CVE
added 2025/07/22 1:20 p.m., 10 views

CVE-2015-10140

The CVE concerns the WordPress Ajax Load More plugin before version 2.8.1.2, which contains an authorization flaw in certain AJAX actions. This permits any authenticated user (e.g., a subscriber) to upload and delete arbitrary files. Affected component: Ajax Load More WordPress plugin; root cause...

8.8 CVSS, 6.6 AI score, 0.73866 EPSS
Exploits: 1, References: 1, Affected Software: 1
Tenable Nessus
added 2025/07/03 12:0 a.m., 6 views

Oracle Linux 10 : python3.12 (ELSA-2025-10140)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-10140 advisory. - Security fixes for CVE-2025-4517, CVE-2025-4330, CVE-2025-4138, CVE-2024-12718, CVE-2025-4435 Tenable has extracted the preceding description block...

9.4 CVSS, 6.9 AI score, 0.01012 EPSS
Exploits: 14, References: 6
RedhatCVE
added 2025/05/23 10:47 a.m., 9 views

CVE-2024-10140

A vulnerability, which was classified as critical, has been found in code-projects Pharmacy Management System 1.0. Affected by this issue is some unknown functionality of the file /managesupplier.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely...

9.8 CVSS, 7.3 AI score, 0.23494 EPSS
Exploits: 2, References: 1
Tenable Nessus
added 2025/03/04 12:0 a.m., 5 views

Linux Distros Unpatched Vulnerability : CVE-2017-10140

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Postfix before 2.11.10, 3.0.x before 3.0.10, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 might allow local users to gain privileges by leveraging undocumented...

7.8 CVSS, 7.4 AI score, 0.00296 EPSS
Exploits: 1, References: 2
Tenable Nessus
added 2025/03/04 12:0 a.m., 5 views

Linux Distros Unpatched Vulnerability : CVE-2019-10140

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in Linux kernel's, versions up to 3.10, implementation of overlayfs. An attacker with local access can create a denial of service...

5.5 CVSS, 6.8 AI score, 0.00096 EPSS
Exploits: 0, References: 2
GithubExploit
added 2024/10/20 3:29 p.m., 544 views

Exploit for SQL Injection in Code-Projects Pharmacy_Management_System

CVE-2024-10140 The script exploits a SQL Injection vulnera...

9.8 CVSS, 6.7 AI score, 0.23494 EPSS
Exploits: 2
Circl
added 2024/10/19 6:0 p.m., 0 views

CVE-2024-10140

creationtimestamp | type | source
---|---|---
2024-10-19 18:00:07+00:00 | seen | https://t.me/cvedetector/8364...

9.8 CVSS, 6.2 AI score, 0.23494 EPSS
Exploits: 2, References: 1
NVD
added 2024/10/19 3:15 p.m., 12 views

CVE-2024-10140

A vulnerability, which was classified as critical, has been found in code-projects Pharmacy Management System 1.0. Affected by this issue is some unknown functionality of the file /managesupplier.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely...

9.8 CVSS, 0.23494 EPSS
Exploits: 2, References: 5
CVE
added 2024/10/19 2:31 p.m., 49 views

CVE-2024-10140

The CVE-2024-10140 entry affects code-projects’ Pharmacy Management System 1.0, with the vulnerability located in /manage_supplier.php. The root cause is an SQL injection caused by manipulating the id parameter, enabling remote exploitation. Public exploit details exist (e.g., a GitHub exploit ta...

9.8 CVSS, 7 AI score, 0.23494 EPSS
Exploits: 2, References: 5, Affected Software: 1
Cvelist
added 2024/10/19 2:31 p.m., 22 views

CVE-2024-10140 code-projects Pharmacy Management System manage_supplier.php sql injection

A vulnerability, which was classified as critical, has been found in code-projects Pharmacy Management System 1.0. Affected by this issue is some unknown functionality of the file /managesupplier.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely...

6.5 CVSS, 0.23494 EPSS
Exploits: 2, References: 5
Tenable Nessus
added 2024/05/11 12:0 a.m., 11 views

RHEL 6 : libdb (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libdb: Reads DBCONFIG from the current working directory CVE-2017-10140 - Vulnerability in the Data Store...

5.1 AI score, 0.00939 EPSS
Exploits: 1, References: 2
Tenable Nessus
added 2023/04/06 12:0 a.m., 48 views

Amazon Linux AMI : db4 (ALAS-2023-1726)

The version of db4 installed on the remote host is prior to 4.7.25-22.13. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1726 advisory. Postfix before 2.11.10, 3.0.x before 3.0.10, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 might allow local users to gain privileges ...

7.8 CVSS, 7.5 AI score, 0.00296 EPSS
Exploits: 1, References: 4
Tenable Nessus
added 2023/03/07 12:0 a.m., 27 views

Amazon Linux 2 : libdb (ALAS-2023-1965)

The version of libdb installed on the remote host is prior to 5.3.21-24. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-1965 advisory. Postfix before 2.11.10, 3.0.x before 3.0.10, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 might allow local users to gain privileges ...

7.8 CVSS, 7.5 AI score, 0.00296 EPSS
Exploits: 1, References: 4
Amazon
added 2023/03/06 12:0 a.m., 76 views

Important: libdb

Issue Overview: Postfix before 2.11.10, 3.0.x before 3.0.10, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 might allow local users to gain privileges by leveraging undocumented functionality in Berkeley DB 2.x and later, related to reading settings from DBCONFIG in the current directory...

7.8 CVSS, 8.1 AI score, 0.00296 EPSS
Exploits: 1
OpenVAS
added 2022/08/26 12:0 a.m., 19 views

Ubuntu: Security Advisory (USN-3489-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8 CVSS, 7.8 AI score, 0.00296 EPSS
Exploits: 1, References: 2
OpenVAS
added 2022/01/28 12:0 a.m., 14 views

Mageia: Security Advisory (MGASA-2017-0380)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8 CVSS, 6.1 AI score, 0.00296 EPSS
Exploits: 1, References: 5
Rosalinux
added 2021/07/02 5:59 p.m., 24 views

Advisory ROSA-SA-2021-1954

Software: postfix 2.10.1 OS: Cobalt 7.9 CVE-ID: CVE-2017-10140 CVE-Crit: HIGH CVE-DESC: Postfix before 2.11.10, 3.0.x before 3.0.10, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 may allow local users to gain privileges using undocumented features in Berkeley DB 2.x and later related to reading...

7.8 CVSS, 7.7 AI score, 0.00296 EPSS
Exploits: 1
CVE
added 2020/10/21 1:40 p.m., 56 views

CVE-2020-10140

CVE-2020-10140 affects Acronis True Image 2021, where ACLs for C:\ProgramData\Acronis are not set correctly. This allows an unprivileged user to achieve arbitrary code execution with SYSTEM privileges by placing a DLL in several paths under C:\ProgramData\Acronis, because some privileged processe...

7.8 CVSS, 7.5 AI score, 0.00045 EPSS
Exploits: 0, References: 1, Affected Software: 1