129 matches found
CVE-2023-2055
A vulnerability has been found in Campcodes Advanced Online Voting System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /admin/configsave.php. The manipulation of the argument title leads to cross site scripting. The attack can be initiated remotely. The...
itsourcecode Restaurant Management System Injection Vulnerability
itsourcecode Restaurant Management System is an open source restaurant management system from itsourcecode. An injection vulnerability exists in version 1.0 of itsourcecode Restaurant Management System, which results from SQL injection due to incorrect manipulation of the parameter last in the file...
Online Class and Exam Scheduling System class_save.php File SQL Injection Vulnerability
Online Class and Exam Scheduling System is an online class and exam scheduling system. The Online Class and Exam Scheduling System suffers from a SQL injection vulnerability that stems from the lack of validation of the class parameter in the file /Scheduling/pages/classsave.php against an...
Code-Projects Online Class and Exam Scheduling System Security Vulnerability
Code-Projects Online Class and Exam Scheduling System is an open source online class and exam scheduling system from Code-Projects. A security vulnerability exists in Code-Projects Online Class and Exam Scheduling System version 1.0, which is caused by SQL injection due to incorrect manipulation ...
Code-Projects Online Restaurant Management System SQL Injection Vulnerability
Code-Projects Online Restaurant Management System is a Code-Projects open source online restaurant management system. A SQL injection vulnerability exists in Code-Projects Online Restaurant Management System version 1.0, which stems from improper handling of the parameter first in the...
Online Class and Exam Scheduling System exam_save.php File SQL Injection Vulnerability
Online Class and Exam Scheduling System is an online class and exam scheduling system. The Online Class and Exam Scheduling System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameters member and first of...
PT-2024-17624 · Unknown · Code-Projects Online Class/Exam Scheduling System
Name of the Vulnerable Software and Affected Versions: code-projects Online Class and Exam Scheduling System version 1.0 Description: A critical issue has been found in the code-projects Online Class and Exam Scheduling System. This issue affects unknown code in the file /pages/teacher save.php...
USN-7064-1 nano vulnerability
It was discovered that nano allowed a possible privilege escalation through an insecure temporary file. If nano was killed while editing, the permissions granted to the emergency save file could be used by an attacker to escalate privileges using a malicious symlink...
CVE-2024-9572
Cross-Site Scripting (XSS) vulnerability in SOPlanning 1.45, due to lack of proper validation of user input via /soplanning/www/process/groupesave.php, in the groupeid parameter. This could allow a remote user to send a specially crafted query to an authenticated user and steal their session detail...
Cisco Firepower Management Console 6.0 Post Auth Report Download Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Cisco Firepower Management Console 6.0 Post Auth Report Download Directory Traversal", 'Description' = %q This module exploits a directory...
CVE-2024-7275
A vulnerability, which was classified as critical, was found in itsourcecode Alton Management System 1.0. Affected is an unknown function of the file /admin/categorysave.php. The manipulation of the argument category leads to SQL injection. It is possible to launch the attack remotely. The exploi...
OPENSUSE-SU-2024:0157-1 Security update for nano
This update for nano fixes the following issues: - CVE-2024-5742: Avoid privilege escalations via symlink attacks on emergency save file (boo#1226099)...
Startup-SBOM - A Tool To Reverse Engineer And Inspect The RPM And APT Databases To List All The Packages Along With Executables, Service And Versions
This is a simple SBOM utility which aims to provide an insider view on which packages are getting executed. The process and objective are simple: we can get a clear view of the packages installed by APT (currently working on implementing this for RPM and other package managers). This is...
PT-2024-22933 · Lepton · Lepton
Name of the Vulnerable Software and Affected Versions: lepton version 7.1.0 Description: The issue allows remote authenticated attackers to execute arbitrary code via uploading a crafted PHP file to the "save.php" and "config.php" components. This enables attackers to potentially gain control ove...
CVE-2023-24287
A crafted save file can cause a buffer overrun in the Undead puzzle...
CVE-2023-24286
A crafted save file can cause a buffer overrun in the Mosaic puzzle...
CVE-2023-24291
A crafted save file can cause a buffer overrun in Simon Tatham's Portable Puzzle Collection...
CVE-2023-24288
A crafted save file can cause a buffer overrun in Simon Tatham's Portable Puzzle Collection...
CVE-2023-24284
A crafted save file can cause a buffer overrun in the Guess puzzle...
CVE-2023-24285
A crafted save file can cause a buffer overrun in the Netslide puzzle...