162 matches found
PT-2024-17830 · Unknown · 1000 Projects Portfolio Management System Mca
Name of the Vulnerable Software and Affected Versions: 1000 Projects Portfolio Management System MCA version 1.0 Description: A critical vulnerability was found in the 1000 Projects Portfolio Management System MCA. This issue affects the file /update personal details.php and can be exploited...
PT-2024-11008 · Monitorapp · Monitorapp Application Insight Web Application Firewall
Name of the Vulnerable Software and Affected Versions: MONITORAPP Application Insight Web Application Firewall AIWAF versions = 4.1.6 and = 5.0 Description: A reflected cross-site scripting issue was identified on the subpage "/process management/process status.xhr.php". This issue allows an...
PT-2024-36481 · Unknown · Online Nurse Hiring System
Name of the Vulnerable Software and Affected Versions: Online Nurse Hiring System version 1.0 Description: A SQL injection issue was discovered in the /admin/profile.php component through the fullname parameter. This allows for potential exploitation. Recommendations: For Online Nurse Hiring Syst...
PT-2024-36480 · Unknown · Online Nurse Hiring System
Name of the Vulnerable Software and Affected Versions: Online Nurse Hiring System version 1.0 Description: A stored cross-site scripting XSS issue in the /admin/profile.php component allows attackers to execute arbitrary web scripts or HTML by injecting a crafted payload into the fullname...
PT-2024-17621 · Unknown · Code-Projects Online Class/Exam Scheduling System
Name of the Vulnerable Software and Affected Versions: code-projects Online Class and Exam Scheduling System version 1.0 Description: A critical issue was found in the system, affecting some unknown functionality of the file /pages/subject update.php. The manipulation of the id argument leads to...
PT-2024-17366 · Unknown · Code-Projects Responsive Hotel Site
Name of the Vulnerable Software and Affected Versions: code-projects Responsive Hotel Site version 1.0 Description: A critical issue has been found in the file /admin/room.php, where the manipulation of the troom argument leads to SQL injection. This issue can be exploited remotely...
PT-2024-17156 · Unknown · 1000 Projects Beauty Parlour Management System
Name of the Vulnerable Software and Affected Versions: 1000 Projects Beauty Parlour Management System version 1.0 Description: A critical issue has been found in the 1000 Projects Beauty Parlour Management System. This issue affects an unknown part of the file /admin/add-customer.php. The...
PT-2024-35785 · Unknown · Lafelabs Chaos
Name of the Vulnerable Software and Affected Versions: LafeLabs Chaos version 0.0.1 Description: A cross-site scripting XSS issue exists in the "/scroll.php" endpoint, allowing attackers to execute arbitrary web scripts or HTML via a crafted payload. This could potentially lead to unauthorized...
PT-2024-9175 · Absysnet · Absysnet
Name of the Vulnerable Software and Affected Versions: AbsysNet version 2.3.1 Description: An IDOR Insecure Direct Object Reference vulnerability has been discovered, which could allow a remote attacker to obtain the session of an unauthenticated user by brute-force attacking the session identifi...
PT-2024-34441 · Unknown · Kashipara E-Learning Management System Project
Name of the Vulnerable Software and Affected Versions: KASHIPARA E-learning Management System Project version 1.0 Description: A Stored Cross-Site Scripting XSS issue was found in the /admin/school year.php endpoint, specifically via the school year parameter. This allows remote attackers to...
PT-2024-16516 · Unknown · Datatables +1
Name of the Vulnerable Software and Affected Versions: PHPGurukul Online Shopping Portal version 2.0 Description: A vulnerability was found in the PHPGurukul Online Shopping Portal, affecting unknown code of the file admin/assets/plugins/DataTables/media/unit testing/templates/dom data two...
PT-2024-16499 · Unknown · Codezips Free Exam Hall Seating Management System
Name of the Vulnerable Software and Affected Versions: Codezips Free Exam Hall Seating Management System version 1.0 Description: A critical issue affects the processing of the file /student.php, where the manipulation of the email argument leads to SQL injection. The attack can be initiated...
PT-2024-16498 · Unknown · Projectworlds Life Insurance Management System
Name of the Vulnerable Software and Affected Versions: Project Worlds Life Insurance Management System version 1.0 Description: A critical issue has been found in the system, affecting the file /editNominee.php. The manipulation of the nominee id argument leads to SQL injection. The attack can be...
PT-2024-32997 · Pluxml · Pluxml
Name of the Vulnerable Software and Affected Versions: PluXml versions 5.8.16 and lower Description: A remote code execution issue in the /PluXml/core/admin/parametres edittpl.php component allows attackers to execute arbitrary code by injecting a crafted payload into a template. Recommendations:...
SUSE CVE-2024-47869
Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves a timing attack in the way Gradio compares hashes for the analyticsdashboard function. Since the comparison is not done in constant time, an attacker could exploit this by measuring the response ti...
CVE-2024-47869
Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves a timing attack in the way Gradio compares hashes for the analyticsdashboard function. Since the comparison is not done in constant time, an attacker could exploit this by measuring the response ti...
PT-2024-7429 · Draytek · Draytek Vigor310
Name of the Vulnerable Software and Affected Versions: DrayTek Vigor310 versions through 4.3.2.6 Description: The issue is related to a stack-based Buffer Overflow vulnerability in the /cgi-bin/ipfedr.cgi component of the DrayTek Vigor310 devices' web interface. This vulnerability can be exploite...
PT-2024-39539 · Unknown · Bg5Sbk Minicms
Name of the Vulnerable Software and Affected Versions: bg5sbk MiniCMS versions up to 1.11 Description: A vulnerability was found in bg5sbk MiniCMS, affecting some unknown processing of the file post-edit.php, leading to cross-site request forgery. The attack may be initiated remotely. The exploit...
PT-2024-31969 · Frog Cms · Frog Cms
Name of the Vulnerable Software and Affected Versions: FrogCMS version 0.9.5 Description: A Cross-Site Request Forgery CSRF issue was discovered in FrogCMS. The vulnerability can be exploited via the "/admin/?/plugin/file manager/create directory" endpoint. This allows an attacker to perform...
PT-2024-31220 · Seacms · Seacms
Name of the Vulnerable Software and Affected Versions: SeaCMS version 13.1 Description: The issue is an arbitrary file read vulnerability. It affects the admin safe.php component. There is no information provided about the estimated number of potentially affected devices worldwide or real-world...