cups: libppd: remote command injection via attacker controlled data in PPD file

A security vulnerability was found in OpenPrinting CUPS. The function ppdCreatePPDFromIPP2 in the libppd library is responsible for generating a PostScript Printer Description PPD file based on attributes retrieved from an Internet Printing Protocol IPP response. Essentially, it takes printer...

CVE-2024-9091

A vulnerability was found in code-projects Student Record System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument regno leads to sql injection. The attack can be launched remotely. The exploi...

CVE-2024-9039

A vulnerability, which was classified as critical, has been found in SourceCodester Best House Rental Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=signup. The manipulation of the argument firstname/lastname/email leads to sql injection...

CVE-2024-8569

A vulnerability has been found in code-projects Hospital Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file user-login.php. The manipulation of the argument username leads to sql injection. The attack can be launched remotely...

PT-2024-39094 · Unknown · Sourcecodester Food Ordering Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Food Ordering Management System version 1.0 Description: A critical vulnerability has been found in the SourceCodester Food Ordering Management System. The issue affects an unknown part of the file /foms/routers/cancel-order.ph...

PT-2024-39096 · Sourcecodester · Sourcecodester Online Food Menu

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Food Menu version 1.0 Description: A critical issue has been found in the processing of the file /endpoint/delete-menu.php. The manipulation of the argument menu leads to SQL injection. The attack may be initiated...

CVE-2024-8221

A vulnerability was found in SourceCodester Music Gallery Site 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/categories/managecategory.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely...

CVE-2024-8219

A vulnerability was found in code-projects Responsive Hotel Site 1.0. It has been classified as critical. Affected is an unknown function of the file index.php. The manipulation of the argument name/phone/email leads to sql injection. It is possible to launch the attack remotely. The exploit has...

CVE-2024-8139

A vulnerability has been found in itsourcecode E-Commerce Website 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file searchlist.php. The manipulation of the argument user leads to sql injection. The attack can be launched remotely. The exploit h...

CVE-2024-7935

A vulnerability was found in itsourcecode Project Expense Monitoring System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file print.php. The manipulation of the argument mapid leads to sql injection. The attack may be launched remotely. The explo...

CVE-2024-7808

A vulnerability was found in code-projects Job Portal 1.0. It has been classified as critical. Affected is an unknown function of the file logindbc.php. The manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to t...

CVE-2024-7642

A vulnerability has been found in SourceCodester Kortex Lite Advocate Office Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file activateact.php. The manipulation of the argument id leads to sql injection. The attack can be...

CVE-2024-7444

A vulnerability classified as critical was found in itsourcecode Ticket Reservation System 1.0. Affected by this vulnerability is an unknown functionality of the file login.php of the component Login Page. The manipulation of the argument username leads to sql injection. The attack can be launche...

CVE-2024-7436

A vulnerability, which was classified as critical, has been found in D-Link DI-8100 16.07. This issue affects the function mspinfohtm of the file mspinfo.htm. The manipulation of the argument cmd leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to t...

CVE-2024-7311

A vulnerability was found in code-projects Online Bus Reservation Site 1.0. It has been rated as critical. This issue affects some unknown processing of the file register.php. The manipulation of the argument Email leads to sql injection. The attack may be initiated remotely. The exploit has been...

CVE-2024-7288

A vulnerability was found in SourceCodester Establishment Billing Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=deleteblock. The manipulation of the argument id leads to sql injection. The attack ca...

CVE-2024-7199

A vulnerability classified as critical was found in SourceCodester Complaints Report Management System 1.0. This vulnerability affects unknown code of the file /admin/manageuser.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has...

CVE-2024-7194

A vulnerability was found in itsourcecode Society Management System 1.0 and classified as critical. This issue affects some unknown processing of the file checkstudent.php. The manipulation of the argument studentid leads to sql injection. The attack may be initiated remotely. The exploit has bee...

CVE-2024-31971

Multiple stored cross-site scripting XSS vulnerabilities on AdTran NetVanta 3120 18.01.01.00.E devices allow remote attackers to inject arbitrary JavaScript, as demonstrated by /mainPassword.html, /processIdentity.html, /public.html, /dhcp.html, /private.html, /hostname.html, /connectivity.html,...

CVE-2024-6905

A vulnerability has been found in SourceCodester Record Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file viewinfouser.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been...