CVE-2018-10424

mc-admin/post-edit.php in MiniCMS 1.10 allows full path disclosure via a modified id field...

CVE-2025-10424

creationtimestamp| type| source ---|---|--- 2025-09-15 05:52:18+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lyu4hmtlqg2g...

CVE-2025-10424

A vulnerability was determined in 1000projects Online Student Project Report Submission and Evaluation System 1.0. The affected element is an unknown function of the file /admin/controller/facultycontroller.php. This manipulation of the argument newimage causes unrestricted upload. The attack is...

CVE-2025-10424 1000projects Online Student Project Report Submission and Evaluation System faculty_controller.php unrestricted upload

A vulnerability was determined in 1000projects Online Student Project Report Submission and Evaluation System 1.0. The affected element is an unknown function of the file /admin/controller/facultycontroller.php. This manipulation of the argument newimage causes unrestricted upload. The attack is...

CVE-2024-10424

A vulnerability has been found in Project Worlds Student Project Allocation System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /student/projectselection/removeproject.php of the component Project Selection Page. The manipulation of the...

CVE-2020-10424

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/manage-fields.php by adding a question mark ? followed by the payload...

CVE-2024-10424

creationtimestamp| type| source ---|---|--- 2024-10-27 20:55:17+00:00| seen| https://t.me/cvedetector/9063...

CVE-2024-10424

A vulnerability has been found in Project Worlds Student Project Allocation System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /student/projectselection/removeproject.php of the component Project Selection Page. The manipulation of the...

CVE-2024-10424 Project Worlds Student Project Allocation System Project Selection Page remove_project.php sql injection

A vulnerability has been found in Project Worlds Student Project Allocation System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /student/projectselection/removeproject.php of the component Project Selection Page. The manipulation of the...

CVE-2024-10424

CVE-2024-10424 corresponds to a SQL injection in Project Worlds Student Project Allocation System 1.0, triggered via the remove_project.php page (affecting the /student/project_selection/remove_project.php endpoint) by manipulating the no parameter. Multiple sources (NVD, Red Hat, CVE records, PT...

K51433470: MySQL vulnerability CVE-2017-10424

Security Advisory Description Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL subcomponent: Monitoring: Web. Supported versions that are affected are 3.2.8.2223 and earlier, 3.3.4.3247 and earlier and 3.4.2.4181 and earlier. Easily exploitable vulnerability allows...

CVE-2020-10424

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/manage-fields.php by adding a question mark ? followed by the payload...

CVE-2020-10424

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/manage-fields.php by adding a question mark ? followed by the payload...

CVE-2020-10424

CVE-2020-10424 affects Chadha PHPKB Standard Multi-Language 9, where URIs mishandling in admin/header.php enables reflected XSS in admin/manage-fields.php by appending a ? payload. Impact is reflected script/HTML injection; exploitation details not provided beyond this description. The cited metr...

CVE-2019-10424

Jenkins elOyente Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...

CVE-2019-10424

Jenkins elOyente Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...

CVE-2019-10424

CVE-2019-10424 affects the Jenkins elOyente Plugin, which stores credentials unencrypted in the plugin’s global configuration file on the Jenkins master. This allows users with file-system access to the Jenkins controller to view sensitive data. Multiple sources corroborate the issue; however, pu...

CVE-2018-10424

mc-admin/post-edit.php in MiniCMS 1.10 allows full path disclosure via a modified id field...

CVE-2018-10424

MiniCMS 1.10 is affected. The vulnerability is in mc-admin/post-edit.php where a modified id field allows full path disclosure. The root cause is a path disclosure issue that leads to information exposure. Exploitation details and mitigations are not provided in the supplied documents.

CVE-2016-10424

CVE-2016-10424 concerns an issue in the LibPNG library used on Android devices. The provided records show that, for affected Android builds, upgrading LibPNG from 1.6.12 to 1.6.21 fixes multiple issues described by different CWEs. The Android CVE entry ties the vulnerability to the need for a pat...