846 matches found
PT-2024-21181 · Amss++ · Amss++
Name of the Vulnerable Software and Affected Versions: AMSS++ version 4.31 Description: The issue allows SQL injection through the /amssplus/admin/index.php endpoint, in the id parameter. This could enable a remote attacker to send a specially crafted SQL query to the server and retrieve all the...
AMSS++ SQL Injection Vulnerability
AMSS++ is a tool for the office administration support system of Amssplus. An SQL injection vulnerability exists in AMSS++ version 4.31, which originates from an SQL injection vulnerability in the username parameter of the /amssplus/index.php page...
Racktables Security Breach
Racktables is a data center asset management system. It is used for data center and server room asset management. A security vulnerability exists in Racktables v0.22.0 and earlier versions, which originated from a vulnerability that allows local attackers to execute arbitrary code and obtain...
CVE-2024-2330
A vulnerability was found in Netentsec NS-ASG Application Security Gateway 6.3. It has been classified as critical. This affects an unknown part of the file /protocol/index.php. The manipulation of the argument IPAddr leads to sql injection. It is possible to initiate the attack remotely. The...
BIT-HELM-2020-15185 Duplicated chart entries in Helm
In Helm before versions 2.16.11 and 3.3.2, a Helm repository can contain duplicates of the same chart, with the last one always used. If a repository is compromised, this lowers the level of access that an attacker needs to inject a bad chart into a repository. To perform this attack, an attacker...
Customer Support System 跨站脚本漏洞
Customer Support System is a customer support system by oretnom23 Personal Developer that helps a particular business or company to provide customer support after a customer has purchased a product from them. Customer Support System suffers from a cross-site scripting vulnerability that stems fro...
CVE-2024-2155
A vulnerability was found in SourceCodester Best POS Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file index.php. The manipulation of the argument page leads to file inclusion. The attack may be initiated remotely. The exploit has been...
PT-2024-18702 · Sourcecodester · Sourcecodester Simple Online Bidding System
Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Online Bidding System version 1.0 Description: A critical issue has been found in the system, affecting an unknown part of the file index.php. The manipulation of the category id argument leads to SQL injection. It is...
CodeAstro Membership Management System SQL Injection Vulnerability
CodeAstro Membership Management System is a membership management system from CodeAstro, Inc. A SQL injection vulnerability exists in CodeAstro Membership Management System v.1.0 that could allow a remote attacker to execute arbitrary SQL commands via the email parameter in the index.php componen...
CVE-2023-7165
The JetBackup WordPress plugin before 2.0.9.9 doesn't use index files to prevent public directory listing of sensitive directories in certain configurations, which allows malicious actors to leak backup files...
AZL-34454 CVE-2024-26147 affecting package cert-manager for versions less than 1.11.2-10
Helm is a package manager for Charts for Kubernetes. Versions prior to 3.14.2 contain an uninitialized variable vulnerability when Helm parses index and plugin yaml files missing expected content. When either an index.yaml file or a plugins plugin.yaml file were missing all metadata a panic would...
AZL-34584 CVE-2024-26147 affecting package cert-manager for versions less than 1.12.13-1
Helm is a package manager for Charts for Kubernetes. Versions prior to 3.14.2 contain an uninitialized variable vulnerability when Helm parses index and plugin yaml files missing expected content. When either an index.yaml file or a plugins plugin.yaml file were missing all metadata a panic would...
UBUNTU-CVE-2024-26147
Helm is a package manager for Charts for Kubernetes. Versions prior to 3.14.2 contain an uninitialized variable vulnerability when Helm parses index and plugin yaml files missing expected content. When either an index.yaml file or a plugins plugin.yaml file were missing all metadata a panic would...
CVE-2024-26147
Helm is a package manager for Charts for Kubernetes. Versions prior to 3.14.2 contain an uninitialized variable vulnerability when Helm parses index and plugin yaml files missing expected content. When either an index.yaml file or a plugins plugin.yaml file were missing all metadata a panic would...
PT-2024-20764 · Mss · Mss
Name of the Vulnerable Software and Affected Versions: MSS Mission Support System versions prior to 8.3.3 Description: MSS is an open source package designed for planning atmospheric research flights. The issue concerns a method in the index.py file that is vulnerable to path manipulation attacks...
Mission Support System security breach
Mission Support System is the mission support system software used to plan atmospheric research flights. A security vulnerability exists in Mission Support System versions 5.0.0 through 8.3.3 and earlier that could allow an attacker to obtain sensitive information via the file mslib/index.py...
CVE-2024-25306
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'aname' parameter at "School/index.php"...
PT-2024-20875 · Code Projects · Code-Projects Simple School Managment System
Name of the Vulnerable Software and Affected Versions: Code-projects Simple School Managment System version 1.0 Description: The issue allows SQL Injection via the aname parameter at the "School/index.php" endpoint. This could potentially lead to unauthorized access to sensitive data...
Free Open-Source Inventory Management System Security Vulnerability
Inventory Management System is an inventory management system by stemword individual developers. A security vulnerability exists in Free Open-Source Inventory Management System version v.1.0. A remote attacker can exploit this vulnerability to execute arbitrary code via the Stafflist parameter in...
PT-2024-15938 · Unknown · Codeastro Stock Management System
Name of the Vulnerable Software and Affected Versions: CodeAstro Stock Management System version 1.0 Description: A vulnerability was found in the CodeAstro Stock Management System, affecting some unknown processing of the file /index.php of the component Add Category Handler. The manipulation of...