CVE-2024-8337 SourceCodester Contact Manager with Export to VCF index.html cross site scripting
A vulnerability, which was classified as problematic, has been found in SourceCodester Contact Manager with Export to VCF 1.0. Affected by this issue is some unknown functionality of the file index.html. The manipulation of the argument contactname leads to cross site scripting. The attack may be...
PT-2024-38946 · Openrapid · Openrapid Rapidcms
Name of the Vulnerable Software and Affected Versions: OpenRapid RapidCMS versions up to 1.3.1 Description: A critical issue was found in OpenRapid RapidCMS, affecting the file /admin/user/user-move-run.php. The manipulation of the username argument leads to SQL injection. It is possible to...
CVE-2024-8303 dingfanzu CMS getBasicInfo.php sql injection
A vulnerability classified as critical has been found in dingfanzu CMS up to 29d67d9044f6f93378e6eb6ff92272217ff7225c. This affects an unknown part of the file /ajax/getBasicInfo.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely...
CVE-2024-8230
A vulnerability was found in Tenda O6 1.0.0.72054. It has been rated as critical. This issue affects the function fromSafeSetMacFilter of the file /goform/setMacFilterList. The manipulation of the argument remark/type/time leads to stack-based buffer overflow. The attack may be initiated remotely...
CVE-2024-8229
A vulnerability was found in Tenda O6 1.0.0.72054. It has been declared as critical. This vulnerability affects the function frommacFilterModify of the file /goform/operateMacFilter. The manipulation of the argument mac leads to stack-based buffer overflow. The attack can be initiated remotely. T...
CVE-2024-8224 Tenda G3 setDebugCfg formSetDebugCfg stack-based overflow
A vulnerability, which was classified as critical, has been found in Tenda G3 15.11.0.20. This issue affects the function formSetDebugCfg of the file /goform/setDebugCfg. The manipulation of the argument enable/level/module leads to stack-based buffer overflow. The attack may be initiated remotel...
CVE-2024-8223
CVE-2024-8223 affects SourceCodester Music Gallery Site 1.0. The vulnerability exists in the file /classes/Master.php?f=delete_category where the manipulation of the argument id leads to an SQL injection. The issue is exploitable remotely and the exploit has been disclosed publicly. Impact detail...
CVE-2024-8219
A vulnerability was found in code-projects Responsive Hotel Site 1.0. It has been classified as critical. Affected is an unknown function of the file index.php. The manipulation of the argument name/phone/email leads to sql injection. It is possible to launch the attack remotely. The exploit has...
CVE-2024-8220
A vulnerability was found in itsourcecode Tailoring Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file staffedit.php. The manipulation of the argument id/stafftype/address/fullname/phonenumber/salary leads to sql...
CVE-2024-8172
SourceCodester QR Code Attendance System 1.0 is affected by a cross-site scripting (XSS) vulnerability in the endpoint /endpoint/delete-student.php, triggered by manipulating the student/attendance parameter. The issue arises from handling user input and may be exploitable remotely; public exploi...
CVE-2024-8171
CVE-2024-8171 affects the Tailoring Management System v1.0. The vulnerability resides in an insecure handling of the parameter title in the file staffcatedit.php, enabling SQL injection when the parameter is manipulated. This is described as a remotely initiable vulnerability with the exploit pu...
CVE-2024-8168
The CVE-2024-8168 issue affects code-projects Online Bus Reservation Site 1.0, specifically a SQL injection in the login.php file via the Username parameter. The vulnerability is exploitable remotely and has been disclosed publicly. Multiple connected sources (Red Hat, NVD, CVE list, CNVD/CNNVD, ...
CVE-2024-8153
A vulnerability was found in SourceCodester QR Code Bookmark System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /endpoint/delete-bookmark.php. The manipulation of the argument bookmark leads to cross site scripting. The attack may be initiated...
CVE-2024-8151
CVE-2024-8151 affects SourceCodester Interactive Map with Marker 1.0. The vulnerability is a cross-site scripting in the mark parameter of /endpoint/delete-mark.php, exploitable remotely. Root cause is input manipulation of mark leading to XSS. Exploitation details are disclosed publicly in relat...
CVE-2024-8146
The CVE-2024-8146 entry concerns code-projects Pharmacy Management System 1.0. The vulnerability is a SQL injection in the endpoint /index.php?action=editSalesman, triggered by manipulating the id parameter. A remote attacker can exploit it, and public disclosures exist. Exploit details and advis...
CVE-2024-8142
A vulnerability was found in SourceCodester Daily Calories Monitoring Tool 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /endpoint/delete-calorie.php. The manipulation of the argument calorie leads to cross site scripting. The attack can be initiate...
CVE-2024-8141
A vulnerability was found in SourceCodester Daily Calories Monitoring Tool 1.0. It has been classified as problematic. This affects an unknown part of the file /endpoint/add-calorie.php. The manipulation of the argument caloriedate/caloriename leads to cross site scripting. It is possible to...
CVE-2024-8141
Vulnerability: SourceCodester Daily Calories Monitoring Tool 1.0 has a cross-site scripting flaw in /endpoint/add-calorie.php through manipulated calorie_date/calorie_name parameters. Impact per sources is client-side injection with remote exploit potential; exploit has been publicly disclosed. A...
CVE-2024-8137
A vulnerability has been found in SourceCodester Record Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file searchuser.php. The manipulation of the argument search leads to cross site scripting. The attack can be initiated remotely. The exploit...
CVE-2024-8112
CVE-2024-8112 affects thinkgem JeeSite 5.3, with the Cookie Handler’s /js/a/login endpoint vulnerable to cross-site scripting. The issue stems from unsafely handling the skinName parameter, enabling remote exploitation. Multiple connected sources corroborate the affected component and payload vec...