CVE-2024-7066

A vulnerability was found in F-logic DataCube3 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/configtimesync.php of the component HTTP POST Request Handler. The manipulation of the argument ntpserver leads to os command...

PT-2024-38056 · F Logic · F-Logic Datacube3

Name of the Vulnerable Software and Affected Versions: F-logic DataCube3 version 1.0 Description: A critical issue has been found in the HTTP POST Request Handler component, specifically in the file /admin/config time sync.php. The manipulation of the ntp server argument leads to os command...

CVE-2024-6950

A vulnerability, which was classified as critical, has been found in Prain up to 1.3.0. Affected by this issue is some unknown functionality of the file /?import of the component HTTP POST Request Handler. The manipulation of the argument file leads to code injection. The attack may be launched...

CVE-2024-6950

Prain up to version 1.3.0 is affected by CVE-2024-6950 in the HTTP POST Request Handler’s /?import path. The issue arises from manipulation of the file argument, enabling remote code injection. Exploitation is described as remote and publicly disclosed, with Affected versions up to 1.3.0. The PT-...

PT-2024-37989 · Prain · Prain

Name of the Vulnerable Software and Affected Versions: Prain versions up to 1.3.0 Description: A critical issue has been found in the HTTP POST Request Handler component, specifically affecting some unknown functionality of the file /?import. The manipulation of the file argument leads to code...

PT-2024-37878 · Sourcecodester · Sourcecodester Student Study Center Desk Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Student Study Center Desk Management System version 1.0 Description: A vulnerability was found in the system, classified as problematic, affecting some unknown functionality of the file /sscdms/classes/Users.php?f=save of the...

CVE-2024-6746

A vulnerability classified as problematic was found in NaiboWang EasySpider 0.6.2 on Windows. Affected by this vulnerability is an unknown functionality of the file \EasySpider\resources\app\server.js of the component HTTP GET Request Handler. The manipulation with the input...

CVE-2024-6746

A vulnerability classified as problematic was found in NaiboWang EasySpider 0.6.2 on Windows. Affected by this vulnerability is an unknown functionality of the file \EasySpider\resources\app\server.js of the component HTTP GET Request Handler. The manipulation with the input...

CVE-2024-6746

NaiboWang EasySpider 0.6.2 on Windows has a path-traversal vulnerability in the HTTP GET Request Handler (server.js) that allows reading arbitrary Windows files via input like /../../../../../../../../../Windows/win.ini. Exploitation is possible within a local network, and public disclosure has o...

The vulnerability of the “Updates Service” software, which allows a hacker to gain access to read local files.

The vulnerability of the “Updates Service” software’s web request handler lies in the lack of limits on authentication attempts. Exploiting this vulnerability can allow a malicious actor to gain read access to local files...

CVE-2024-6370

A vulnerability classified as problematic was found in LabVantage LIMS 2017. Affected by this vulnerability is an unknown functionality of the file /labvantage/rc?command=file&file=WEB-OPAL/pagetypes/bulletins/sendbulletin.jsp of the component POST Request Handler. The manipulation of the argumen...

CVE-2024-6369

A vulnerability classified as problematic has been found in LabVantage LIMS 2017. Affected is an unknown function of the file /labvantage/rc?command=page&sdcid=LVReagentLot of the component POST Request Handler. The manipulation of the argument mode leads to cross site scripting. It is possible t...

CVE-2024-6368

A vulnerability was found in LabVantage LIMS 2017. It has been rated as problematic. This issue affects some unknown processing of the file /labvantage/rc?command=page of the component POST Request Handler. The manipulation of the argument param1 leads to cross site scripting. The attack may be...

CVE-2024-6367

A vulnerability was found in LabVantage LIMS 2017. It has been declared as problematic. This vulnerability affects unknown code of the file /labvantage/rc?command=file&file=WEB-CORE/elements/files/filesembedded.jsp of the component POST Request Handler. The manipulation of the argument...

CVE-2024-6367

A vulnerability was found in LabVantage LIMS 2017. It has been declared as problematic. This vulnerability affects unknown code of the file /labvantage/rc?command=file&file=WEB-CORE/elements/files/filesembedded.jsp of the component POST Request Handler. The manipulation of the argument...

CVE-2024-6370

CVE-2024-6370 affects LabVantage LIMS 2017. A cross-site scripting flaw exists in the POST Request Handler via the file parameter /labvantage/rc?command=file&file=WEB-OPAL/pagetypes/bulletins/sendbulletin.jsp, by tampering the bulletinbody argument. The attack can be launched remotely and the exp...

CVE-2024-6368 LabVantage LIMS POST Request cross site scripting

A vulnerability was found in LabVantage LIMS 2017. It has been rated as problematic. This issue affects some unknown processing of the file /labvantage/rc?command=page of the component POST Request Handler. The manipulation of the argument param1 leads to cross site scripting. The attack may be...

CVE-2024-6368

CVE-2024-6368 affects LabVantage LIMS 2017. The issue resides in the POST Request Handler where processing of the file path /labvantage/rc?command=page and the manipulation of the argument param1 leads to a cross-site scripting (XSS) vulnerability. The attack can be initiated remotely and the exp...

PT-2024-37571 · Labvantage · Labvantage Lims

Name of the Vulnerable Software and Affected Versions: LabVantage LIMS version 2017 Description: A vulnerability was found in the component POST Request Handler, affecting the file /labvantage/rc?command=file&file=WEB-CORE/elements/files/filesembedded.jsp. The manipulation of the argument...

LabVantage Solutions LIMS Cross-Site Scripting Vulnerability

LabVantage Solutions LIMS is a laboratory letter management system from LabVantage Solutions, USA. A cross-site scripting vulnerability exists in LabVantage Solutions LIMS version 2017, which stems from some unknown handling of parameter param1 in a file processed by the POST request handler...