
2218 matches found

OSV
added 2024/04/10 12:15 a.m. · 4 views

CVE-2024-3525

A vulnerability, which was classified as problematic, was found in Campcodes Online Event Management System 1.0. Affected is an unknown function of the file /views/index.php. The manipulation of the argument msg leads to cross site scripting. It is possible to launch the attack remotely. The...

CVSS 5.4 · AI score 3.8
Exploits: 0 · References: 4

OSV
added 2024/04/08 3:15 p.m. · 2 views

CVE-2024-3443

A vulnerability classified as problematic was found in SourceCodester Prison Management System 1.0. This vulnerability affects unknown code of the file /Employee/applyleave.php. The manipulation of the argument txtstartdate/txtenddate leads to cross site scripting. The attack can be initiated...

CVSS 5.4 · AI score 3.8 · EPSS 0.0007
Exploits: 1 · References: 4

Positive Technologies
added 2024/04/08 12:00 a.m. · 3 views

PT-2024-25857 · Unknown · Sourcecodester Prison Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Prison Management System version 1.0 Description: A critical issue has been found in the SourceCodester Prison Management System, affecting an unknown functionality of the file /Admin/edit profile.php. This issue leads to sql...

CVSS 7.2 · AI score 5.4 · EPSS 0.00054
Exploits: 1 · References: 7

NVD
added 2024/04/07 3:15 p.m. · 7 views

CVE-2024-3423

A vulnerability was found in SourceCodester Online Courseware 1.0. It has been rated as critical. This issue affects some unknown processing of the file admin/activateteach.php. The manipulation of the argument selector leads to sql injection. The attack may be initiated remotely. The exploit has...

CVSS 9.8 · AI score 6.8 · EPSS 0.00097
Exploits: 1 · References: 4

NVD
added 2024/04/07 10:15 a.m. · 9 views

CVE-2024-3419

A vulnerability has been found in SourceCodester Online Courseware 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file admin/edit.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit ha...

CVSS 9.8 · AI score 6.8 · EPSS 0.00053
Exploits: 1 · References: 4

Vulnrichment
added 2024/04/06 11:00 a.m. · 13 views

CVE-2024-3369 code-projects Car Rental add-vehicle.php unrestricted upload

A vulnerability, which was classified as critical, has been found in code-projects Car Rental 1.0. Affected by this issue is some unknown functionality of the file add-vehicle.php. The manipulation of the argument Upload Image leads to unrestricted upload. The attack may be launched remotely. The...

CVSS 6.5 · AI score 7.1 · EPSS 0.00064
Exploits: 1 · References: 4

OSV
added 2024/04/06 9:15 a.m. · 1 view

CVE-2024-3363

A vulnerability was found in SourceCodester Online Library System 1.0. It has been classified as critical. This affects an unknown part of the file admin/borrowed/index.php. The manipulation of the argument BookPublisher/BookTitle leads to sql injection. It is possible to initiate the attack...

CVSS 9.8 · AI score 6.8
Exploits: 0 · References: 4

NVD
added 2024/04/02 11:15 p.m. · 9 views

CVE-2024-3209

A vulnerability was found in UPX up to 4.2.2. It has been rated as critical. This issue affects the function getne64 of the file bele.h. The manipulation leads to heap-based buffer overflow. The exploit has been disclosed to the public and may be used. The associated identifier of this...

CVSS 9.8 · AI score 5.5 · EPSS 0.00367
Exploits: 1 · References: 7

OSV
added 2024/04/02 11:15 p.m. · 1 view

DEBIAN-CVE-2024-3209

A vulnerability was found in UPX up to 4.2.2. It has been rated as critical. This issue affects the function getne64 of the file bele.h. The manipulation leads to heap-based buffer overflow. The exploit has been disclosed to the public and may be used. The associated identifier of this...

CVSS 9.8 · AI score 5.4 · EPSS 0.00367
Exploits: 1 · References: 1

GitHub Security Blog
added 2024/04/02 12:30 a.m. · 20 views

RosarioSIS cross site scripting vulnerability

DISPUTED A vulnerability was found in francoisjacquet RosarioSIS 11.5.1. It has been rated as problematic. This issue affects some unknown processing of the component Add Portal Note. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been...

CVSS 4 · AI score 6.1 · EPSS 0.00165
Exploits: 0 · References: 6 · Affected Software: 1

Positive Technologies
added 2024/04/02 12:00 a.m. · 3 views

PT-2024-24128 · Unknown · Bdtask Multi-Store Inventory Management System

Name of the Vulnerable Software and Affected Versions: Bdtask Multi-Store Inventory Management System up to 20240325 Description: A vulnerability was found in the Bdtask Multi-Store Inventory Management System, affecting an unknown function of the file /stockmovment/stockmovment/delete/ of the...

CVSS 5 · AI score 4.9 · EPSS 0.00146
Exploits: 1 · References: 9

Positive Technologies
added 2024/04/01 12:00 a.m. · 2 views

PT-2024-23925 · Unknown · Replify-Messenger

Name of the Vulnerable Software and Affected Versions: Replify-Messenger version 1.0 Description: A vulnerability has been found in the processing of the file androidmanifest.xml of the component Backup File Handler. This issue leads to exposure of backup files to an unauthorized control sphere,...

CVSS 2.4 · AI score 6.6 · EPSS 0.0003
Exploits: 0 · References: 8

OSV
added 2024/03/30 2:15 p.m. · 4 views

CVE-2024-3091

A vulnerability was found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. It has been classified as problematic. Affected is an unknown function of the file /admin/search.php of the component Search Request Page. The manipulation leads to cross site scripting. It is possible to launch the...

CVSS 5.4 · AI score 3.6 · EPSS 0.00195
Exploits: 1 · References: 4

CVE
added 2024/03/28 12:31 a.m. · 69 views

CVE-2024-3013

The CVE-2024-3013 entry affects Teledyne FLIR AX8 (up to v1.46.16) in the User Registration component, specifically the /tools/test_login.php?action=register path. The root cause is an improper authorization vulnerability in an unknown function, allowing remote exploitation. Reports indicate the ...

CVSS 8.8 · AI score 5.9 · EPSS 0.02709
Exploits: 0 · References: 4 · Affected Software: 1

Vulnrichment
added 2024/03/28 12:00 a.m. · 9 views

CVE-2024-3012 Tenda FH1205 GetParentControlInfo stack-based overflow

A vulnerability was found in Tenda FH1205 2.0.0.7775. It has been declared as critical. This vulnerability affects the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument mac leads to stack-based buffer overflow. The attack can be initiated...

CVSS 9 · AI score 6.9 · EPSS 0.00566
Exploits: 1 · References: 4

OSV
added 2024/03/27 9:15 p.m. · 3 views

CVE-2024-2998

A vulnerability was found in Bdtask Multi-Store Inventory Management System up to 20240320. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Store Update Page. The manipulation of the argument Store Name/Store Address leads to cross site...

CVSS 5.4 · AI score 3.5
Exploits: 0 · References: 4

NVD
added 2024/03/27 7:15 p.m. · 14 views

CVE-2024-2990

A vulnerability, which was classified as critical, was found in Tenda FH1203 2.0.1.6. This affects the function formexeCommand of the file /goform/execCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The explo...

CVSS 9 · AI score 8.9 · EPSS 0.00354
Exploits: 1 · References: 4

OSV
added 2024/03/27 5:15 p.m. · 1 view

CVE-2024-2987

A vulnerability classified as critical has been found in Tenda FH1202 1.2.0.14408. Affected is the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument mac leads to stack-based buffer overflow. It is possible to launch the attack remotely. The...

CVSS 8.8 · AI score 6.3
Exploits: 0 · References: 4

OSV
added 2024/03/23 6:15 a.m. · 2 views

CVE-2024-2832

A vulnerability classified as problematic was found in Campcodes Online Shopping System 1.0. This vulnerability affects unknown code of the file /offersmail.php. The manipulation of the argument email leads to cross site scripting. The attack can be initiated remotely. The exploit has been...

CVSS 6.1 · AI score 3.8 · EPSS 0.00075
Exploits: 1 · References: 3

OSV
added 2024/03/21 2:52 a.m. · 1 view

CVE-2024-2016

A vulnerability, which was classified as critical, was found in ZhiCms 4.0. Affected is the function index of the file app/manage/controller/setcontroller.php. The manipulation of the argument sitename leads to code injection. It is possible to launch the attack remotely. The exploit has been...

CVSS 8.8 · AI score 5.6 · EPSS 0.00179
Exploits: 1 · References: 3