CVE-2024-12956

A vulnerability was found in 1000 Projects Portfolio Management System MCA 1.0 and classified as critical. This issue affects some unknown processing of the file /addachievementdetails.php. The manipulation of the argument achcerty leads to unrestricted upload. The attack may be initiated remotel...

CVE-2024-10618

A vulnerability, which was classified as critical, has been found in Tongda OA 2017 up to 11.10. This issue affects some unknown processing of the file /pda/reportshop/recorddetail.php. The manipulation of the argument repid leads to sql injection. The attack may be initiated remotely. The exploi...

CVE-2024-7198

A vulnerability classified as critical has been found in SourceCodester Complaints Report Management System 1.0. This affects an unknown part of the file /admin/managestation.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The explo...

CVE-2024-11138

A vulnerability classified as problematic has been found in DedeCMS 5.7.116. This affects an unknown part of the file /dede/uploads/dede/friendlinkadd.php. The manipulation of the argument logoimg leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been...

CVE-2024-20532

A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read and delete arbitrary files on an affected device. To exploit this vulnerability, the attacker would need valid Super Admin credentials. This vulnerability is due to insufficient validation of user-suppli...

CVE-2024-8172

A vulnerability, which was classified as problematic, has been found in SourceCodester QR Code Attendance System 1.0. This issue affects some unknown processing of the file /endpoint/delete-student.php. The manipulation of the argument student/attendance leads to cross site scripting. The attack...

CVE-2024-4684

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /view/examtimetablegradewise.php. The manipulation of the argument exam leads to cross site scripting. It is possible to initiate...

CVE-2024-4910

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /view/studentexammarkinsertform1.php. The manipulation of the argument grade leads to sql injection. The...

CVE-2024-13008

A vulnerability has been found in code-projects Responsive Hotel Site 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/newsletter.php. The manipulation of the argument eid leads to sql injection. The attack can be launched remotely. The...

CVE-2024-6902

A vulnerability classified as critical was found in SourceCodester Record Management System 1.0. Affected by this vulnerability is an unknown functionality of the file sortuser.php. The manipulation of the argument sort leads to sql injection. The attack can be launched remotely. The exploit has...

CVE-2024-0498

A vulnerability was found in Project Worlds Lawyer Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file searchLawyer.php. The manipulation of the argument experience leads to sql injection. The attack can be launched...

CVE-2024-11210

A vulnerability was found in EyouCMS 1.51. It has been rated as critical. This issue affects the function editFile of the file application/admin/logic/FilemanagerLogic.php. The manipulation of the argument activepath leads to path traversal. The attack may be initiated remotely. The exploit has...

CVE-2024-12182

A vulnerability, which was classified as problematic, has been found in DedeCMS 5.7.116. Affected by this issue is some unknown functionality of the file /member/softadd.php. The manipulation of the argument body leads to cross site scripting. The attack may be launched remotely. The exploit has...

CVE-2023-0284

Improper Input Validation of LDAP user IDs in Tribe29 Checkmk allows attackers that can control LDAP user IDs to manipulate files on the server. Checkmk = 2.1.0p19, Checkmk = 2.0.0p32, and all versions of Checkmk 1.6.0 EOL are affected...

CVE-2023-7096

A flaw has been found in code-projects Faculty Management System 1.0. The affected element is an unknown function of the file /admin/php/crud.php. This manipulation of the argument fieldname/tablename causes sql injection. The attack is possible to be carried out remotely. The exploit has been...

CVE-2023-4848

A vulnerability classified as critical was found in SourceCodester Simple Book Catalog App 1.0. Affected by this vulnerability is an unknown functionality of the file deletebook.php. The manipulation of the argument delete leads to sql injection. The attack can be launched remotely. The exploit h...

CVE-2023-5304

A vulnerability has been found in Online Banquet Booking System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /book-services.php of the component Service Booking. The manipulation of the argument message leads to cross site scripting. Th...

CVE-2023-38020

IBM SOAR QRadar Plugin App 1.0 through 5.0.3 could allow an authenticated user to manipulate output written to log files. IBM X-Force ID: 260576...

CVE-2023-6767

A vulnerability, which was classified as problematic, was found in SourceCodester Wedding Guest e-Book 1.0. This affects an unknown part of the file /endpoint/add-guest.php. The manipulation of the argument name leads to cross site scripting. It is possible to initiate the attack remotely. The...

CVE-2023-20193

A vulnerability in the Embedded Service Router ESR of Cisco ISE could allow an authenticated, local attacker to read, write, or delete arbitrary files on the underlying operating system and escalate their privileges to root. To exploit this vulnerability, an attacker must have valid...