262 matches found
PT-2024-40048 · Unknown · Camaleon Cms
Name of the Vulnerable Software and Affected Versions: Camaleon CMS affected versions not specified Description: The issue concerns a path traversal vulnerability in the MediaController class. An attacker who has taken over an administrator account could delete arbitrary files or folders on the...
CVE-2024-8561
A vulnerability has been found in SourceCodester PHP CRUD 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /endpoint/delete.php of the component Delete Person Handler. The manipulation of the argument person leads to sql injection. The attack...
CVE-2024-5928
VIPRE Advanced Security PMAgent Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Advanced Security. An attacker must first obtain the ability to execute low-privileged code on the target...
WordPress plugin GiveWP 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
PT-2024-38470 · Sourcecodester · Sourcecodester Kortex Lite Advocate Office Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Kortex Lite Advocate Office Management System version 1.0 Description: A critical issue has been discovered, affecting the file delete client.php. The manipulation of the id argument leads to SQL injection. This issue can be...
CVE-2024-7250
Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Comodo Internet Security Pro. An attacker must first obtain the ability to execute low-privileged code on th...
PT-2024-38190 · Avast · Avast Cleanup Premium
Name of the Vulnerable Software and Affected Versions: Avast Cleanup Premium affected versions not specified Description: This issue allows local attackers to escalate privileges on affected installations of Avast Cleanup Premium. An attacker must first obtain the ability to execute low-privilege...
PT-2024-38209 · Comodo · Comodo Firewall
Name of the Vulnerable Software and Affected Versions: Comodo Firewall affected versions not specified Description: This issue allows local attackers to escalate privileges on affected installations of Comodo Firewall. An attacker must first obtain the ability to execute low-privileged code on th...
PT-2024-37990 · Sourcecodester · Sourcecodester Simple Online Book Store System
Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Online Book Store System version 1.0 Description: A critical issue was found in the system, affecting an unknown part of the file admin delete.php. The manipulation of the bookisbn argument leads to SQL injection. It is...
Smart PLC AC14xx and Smart PLC AC4xxS Operating System Command Injection Vulnerability
The ifm electronic Smart PLC AC14xx and ifm electronic Smart PLC AC4xxS are a series of hosts/gateways from ifm electronic Germany. An operating system command injection vulnerability exists in Smart PLC AC14xx and Smart PLC AC4xxS versions 4.3.17 and earlier, which originates from a remote...
CVE-2024-6147
Poly Plantronics Hub Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Poly Plantronics Hub. An attacker must first obtain the ability to execute low-privileged code on the target system in order ...
CVE-2024-6147 Poly Plantronics Hub Link Following Local Privilege Escalation Vulnerability
Poly Plantronics Hub Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Poly Plantronics Hub. An attacker must first obtain the ability to execute low-privileged code on the target system in order ...
PT-2024-37415 · Poly · Poly Plantronics Hub
Name of the Vulnerable Software and Affected Versions: Poly Plantronics Hub affected versions not specified Description: This issue allows local attackers to escalate privileges on affected installations of Poly Plantronics Hub. An attacker must first obtain the ability to execute low-privileged...
Online Book Store SQL Injection Vulnerability
Online Book Store is an online bookstore by the individual developer Arvin Arandilla. The SQL injection vulnerability exists in itsourcecode Online Book Store version 1.0, which stems from admindelete.php containing unknown processing that leads to SQL injection via the parameter bookisbn...
PT-2024-37316 · Unknown · Itsourcecode Online Bookstore
Name of the Vulnerable Software and Affected Versions: itsourcecode Online Book Store version 1.0 Description: A critical issue affects the processing of the file admin delete.php. The manipulation of the bookisbn argument leads to SQL injection. The attack can be initiated remotely...
CVE-2023-51636
Avira Prime Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avira Prime. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...
CVE-2023-51636
Avira Prime Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avira Prime. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...
PT-2024-21978
Name of the Vulnerable Software and Affected Versions: GNU Savane versions 3.12 and earlier Description: The issue allows a remote attacker to delete arbitrary files via crafted input to the trackers data delete file function. This is due to an Insecure Direct Object Reference IDOR in the softwar...
Employee Managment System SQL Injection Vulnerability
Employee Managment System is an employee management system. An SQL injection vulnerability exists in Employee Managment System v1.0, which originates from a SQL injection vulnerability in the file /delete.php...
CVE-2024-1252
A vulnerability classified as critical was found in Tongda OA 2017 up to 11.9. Affected by this vulnerability is an unknown functionality of the file /general/attendance/manage/askduty/delete.php. The manipulation of the argument ASKDUTYID leads to sql injection. The exploit has been disclosed to...