15491 matches found

OSV
added 2024/04/10 3:56 a.m. | 10 views

MAL-2024-1249 Malicious code in shuaiqiang (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 90a14c62cc3d0883cc41fd87a7f5c977dfd73e615c410832cc0acbfd768d6b8d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score: 7
Exploits: 0 | References: 1
Microsoft Security Update
added 2024/04/09 5:00 p.m. | 20 views

2024-04 Cumulative Update for Microsoft server operating system, version 22H2 for x64-based Systems (KB5036909)

Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your computer...

AI score: 7.1
Exploits: 0
NVD
added 2024/04/09 1:15 p.m. | 9 views

CVE-2024-31544

A stored cross-site scripting (XSS) vulnerability in Computer Laboratory Management System v1.0 allows attackers to execute arbitrary JavaScript code by including malicious payloads in the “remarks”, “borrowername”, “facultydepartment” parameters in /classes/Master.php?f=saverecord...

CVSS: 5.4 | AI score: 5.6 | EPSS: 0.00443
Exploits: 1 | References: 1
Vulnrichment
added 2024/04/09 12:00 a.m. | 7 views

CVE-2024-31544

A stored cross-site scripting (XSS) vulnerability in Computer Laboratory Management System v1.0 allows attackers to execute arbitrary JavaScript code by including malicious payloads in the “remarks”, “borrowername”, “facultydepartment” parameters in /classes/Master.php?f=saverecord...

AI score: 5.8 | EPSS: 0.00443
Exploits: 1 | References: 1
CVE
added 2024/04/09 12:00 a.m. | 42 views

CVE-2024-31544

CVE-2024-31544 applies to the Computer Laboratory Management System v1.0. The vulnerability is a stored cross-site scripting (XSS) flaw that allows an attacker to inject arbitrary JavaScript through the fields “remarks”, “borrower_name” and “faculty_department” in the API endpoint /classes/Master...

CVSS: 5.4 | AI score: 5.8 | EPSS: 0.00443
Exploits: 1 | References: 1 | Affected Software: 1
OSV
added 2024/04/08 7:22 a.m. | 7 views

MAL-2024-1211 Malicious code in tokenaddress (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9025a8419e068972440e8ce7318279901ab845fea1c593ecc34fda8d7f59122d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score: 7
Exploits: 0 | References: 1
OSV
added 2024/04/08 5:46 a.m. | 8 views

MAL-2024-1206 Malicious code in f3ngtest12345677 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7c45841bc7c5a73373ee4764c017a128bb5dd286d34d5d4a2bf649338aa1644a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score: 7.2
Exploits: 0 | References: 1
OSV
added 2024/04/08 5:21 a.m. | 7 views

MAL-2024-1205 Malicious code in djs-colora (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9d16be3b2dd06a8949fc6aed664e7744611a2db6309f0ae9b822bda758f1cafb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score: 7
Exploits: 0 | References: 1
OSV
added 2024/04/08 5:13 a.m. | 8 views

MAL-2024-1207 Malicious code in payable-js-ipg-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4236d1ddc2eb9ca710a495ee98481d2a581fee6451b8e496835e93c54f92c1a0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score: 7
Exploits: 0 | References: 1
OSV
added 2024/04/06 12:15 p.m. | 1 view

CVE-2024-3377

A vulnerability classified as problematic was found in SourceCodester Computer Laboratory Management System 1.0. This vulnerability affects unknown code of the file /classes/SystemSettings.php?f=updatesettings. The manipulation of the argument name leads to cross site scripting. The attack can be...

CVSS: 6.1 | AI score: 3.9 | EPSS: 0.00629
Exploits: 1 | References: 4
OSV
added 2024/04/06 12:15 p.m. | 3 views

CVE-2024-3376

A vulnerability classified as critical has been found in SourceCodester Computer Laboratory Management System 1.0. This affects an unknown part of the file config.php. The manipulation of the argument url leads to execution after redirect. It is possible to initiate the attack remotely. The explo...

CVSS: 9.8 | AI score: 5.5 | EPSS: 0.01337
Exploits: 1 | References: 4
Vulnrichment
added 2024/04/06 12:00 p.m. | 15 views

CVE-2024-3377 SourceCodester Computer Laboratory Management System cross site scripting

A vulnerability classified as problematic was found in SourceCodester Computer Laboratory Management System 1.0. This vulnerability affects unknown code of the file /classes/SystemSettings.php?f=updatesettings. The manipulation of the argument name leads to cross site scripting. The attack can be...

CVSS: 5 | AI score: 6.3 | EPSS: 0.00629
Exploits: 1 | References: 4
Cvelist
added 2024/04/06 12:00 p.m. | 27 views

CVE-2024-3377 SourceCodester Computer Laboratory Management System cross site scripting

A vulnerability classified as problematic was found in SourceCodester Computer Laboratory Management System 1.0. This vulnerability affects unknown code of the file /classes/SystemSettings.php?f=updatesettings. The manipulation of the argument name leads to cross site scripting. The attack can be...

CVSS: 5 | AI score: 4.8 | EPSS: 0.00629
Exploits: 1 | References: 4
CVE
added 2024/04/06 11:31 a.m. | 83 views

CVE-2024-3376

CVE-2024-3376 affects SourceCodester Computer Laboratory Management System 1.0. The vulnerability is in the config.php file, where manipulation of the url parameter leads to execution after redirect, enabling remote initiation of an attack. Exploit details are publicly disclosed per the sources. ...

CVSS: 9.8 | AI score: 7.3 | EPSS: 0.01337
Exploits: 1 | References: 4 | Affected Software: 1
Vulnrichment
added 2024/04/06 11:31 a.m. | 19 views

CVE-2024-3376 SourceCodester Computer Laboratory Management System config.php redirect

A vulnerability classified as critical has been found in SourceCodester Computer Laboratory Management System 1.0. This affects an unknown part of the file config.php. The manipulation of the argument url leads to execution after redirect. It is possible to initiate the attack remotely. The explo...

CVSS: 7.5 | AI score: 7.3 | EPSS: 0.01337
Exploits: 1 | References: 4
Positive Technologies
added 2024/04/06 12:00 a.m. | 2 views

PT-2024-25466 · Sourcecodester · Sourcecodester Computer Laboratory Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Computer Laboratory Management System version 1.0 Description: A critical vulnerability has been found in the SourceCodester Computer Laboratory Management System. This issue affects an unknown part of the file config.php. The...

CVSS: 9.8 | AI score: 7.2 | EPSS: 0.01337
Exploits: 1 | References: 9
CNNVD
added 2024/04/06 12:00 a.m. | 3 views

Computer Laboratory Management System security vulnerability

Computer Laboratory Management System is a computer laboratory management system. A security vulnerability exists in SourceCodester Computer Laboratory Management System version 1.0, which originates from a security flaw in the parameter url of the config.php file...

CVSS: 9.8 | AI score: 7.5 | EPSS: 0.01337
Exploits: 1 | References: 5
OSV
added 2024/04/05 10:06 a.m. | 7 views

MAL-2024-1203 Malicious code in nespresso-bi (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7ecb1d1aad101d1cf5bdd8986e77fa20c75f039412cec1ebe03442f8fec9f939 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score: 7.2
Exploits: 0 | References: 1
OSSF Malicious Packages
added 2024/04/04 10:19 p.m. | 2 views

Malicious code in lodash-electron (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3a8bd312773fbb24be9c3b0b0f20151edfa60314696b7db82861805252d9fc24 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score: 6.9
Exploits: 0 | References: 1
Cvelist
added 2024/04/04 9:31 p.m. | 26 views

CVE-2024-3316 SourceCodester Computer Laboratory Management System view_category.php sql injection

A vulnerability was found in SourceCodester Computer Laboratory Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/category/viewcategory.php. The manipulation of the argument id leads to sql injection. The attack...

CVSS: 6.5 | AI score: 7.1 | EPSS: 0.00613
Exploits: 1 | References: 4