2219 matches found
CVE-2024-10509
A vulnerability, which was classified as critical, has been found in Codezips Online Institute Management System 1.0. This issue affects some unknown processing of the file /login.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit...
CVE-2024-10502 ESAFENET CDG FileDirectoryService.java getOneFileDirectory sql injection
A vulnerability has been found in ESAFENET CDG 5 and classified as critical. This vulnerability affects the function getOneFileDirectory of the file /com/esafenet/servlet/fileManagement/FileDirectoryService.java. The manipulation of the argument directoryId leads to sql injection. The attack can ...
PT-2024-16323 · Safenet · Esafenet Cdg
Name of the Vulnerable Software and Affected Versions: ESAFENET CDG version 5
Description: A critical issue has been found in the getOneFileDirectory function of the /com/esafenet/servlet/fileManagement/FileDirectoryService.java file. The manipulation of the directoryId argument leads to SQL...
CVE-2024-10479
A vulnerability, which was classified as problematic, was found in LinZhaoguan pb-cms up to 2.0.1. Affected is an unknown function of the file /adminthemes of the component Theme Management Module. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The...
CVE-2024-10448
A vulnerability, which was classified as problematic, has been found in code-projects Blood Bank Management System 1.0. Affected by this issue is some unknown functionality of the file /file/delete.php. The manipulation of the argument bid leads to cross-site request forgery. The attack may be...
CVE-2024-10435
A vulnerability was found in didi Super-Jacoco 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /cov/triggerEnvCov. The manipulation of the argument uuid leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to t...
CVE-2024-10434 Tenda AC1206 ate ate_Tenda_mfg_check_usb3 stack-based overflow
A vulnerability was found in Tenda AC1206 up to 20241027. It has been classified as critical. This affects the function ate_Tenda_mfg_check_usb/ate_Tenda_mfg_check_usb3 of the file /goform/ate. The manipulation of the argument arg leads to stack-based buffer overflow. It is possible to initiate the attac...
CVE-2024-10426
A vulnerability was found in Codezips Pet Shop Management System 1.0. It has been classified as critical. This affects an unknown part of the file /animalsadd.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...
CVE-2024-10411
CVE-2024-10411 affects SourceCodester Online Hotel Reservation System 1.0. The vulnerability resides in the admin side, in functions doCancelRoom/doCancel/doConfirm/doCancel/doCheckin/doCheckout of /marimar/admin/mod_room/controller.php, where the id parameter is used in SQL queries, enabling a r...
CVE-2024-10410
CVE-2024-10410 affects SourceCodester Online Hotel Reservation System 1.0. The vulnerability resides in the upload function at /admin/mod_room/controller.php?action=add, where manipulating the image argument leads to unrestricted file upload, enabling a remote attack. The exploit has been disclos...
CVE-2024-10408
CVE-2024-10408 affects code-projects Blood Bank Management up to version 1.0. The vulnerability resides in the /abs.php file where manipulating the search argument enables SQL injection. It is exploitable remotely and has been publicly disclosed. Multiple connected sources corroborate a SQL injec...
CVE-2024-10407
A vulnerability, which was classified as critical, was found in SourceCodester Petrol Pump Management Software 1.0. This affects an unknown part of the file /admin/editcustomer.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The...
CVE-2024-10380
CVE-2024-10380 affects SourceCodester Petrol Pump Management Software 1.0. The vulnerability is an SQL injection in the file /admin/ajax_product.php triggered by manipulating the drop_services parameter. The attack can be launched remotely and, according to sources, the exploit has been disclosed...
CVE-2024-10371
A vulnerability classified as critical has been found in SourceCodester Payroll Management System 1.0. This affects the function login of the file main. The manipulation leads to buffer overflow. The exploit has been disclosed to the public and may be used...
CVE-2024-10370
A vulnerability was found in Codezips Sales Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /addcustind.php. The manipulation of the argument refno leads to sql injection. The attack may be launched remotely. The exploit has...
CVE-2024-10354
A vulnerability classified as critical was found in SourceCodester Petrol Pump Management Software 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/print.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The...
CVE-2024-10349
A vulnerability was found in SourceCodester Best House Rental Management System 1.0 and classified as critical. Affected by this issue is the function deletetenant of the file /ajax.php?action=deletetenant. The manipulation of the argument id leads to sql injection. The attack may be launched...
CVE-2024-10338 SourceCodeHero Clothes Recommendation System home.php sql injection
A vulnerability classified as critical was found in SourceCodeHero Clothes Recommendation System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/home.php. The manipulation of the argument view/view1 leads to sql injection. The attack can be launched remotely. Th...