207 matches found
CVE-2024-41332
Incorrect access control in the deletecategory function of Sourcecodester Computer Laboratory Management System v1.0 allows authenticated attackers with low-level privileges to arbitrarily delete categories...
CVE-2024-41332
CVE-2024-41332 affects Sourcecodester Computer Laboratory Management System v1.0. The issue is an incorrect access control in the delete_category function that lets authenticated users with low privileges arbitrarily delete categories. Public references indicate a privilege-escalation path via a ...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel, which stems from the use of exit as the delete function can cause the delete callback to be discarded, resulting in a resource leak when a device is...
PT-2024-6454 · D Link · D-Link Dns-321 +16
Name of the Vulnerable Software and Affected Versions: D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05, and DNS-1550-04 versions up to 20240814...
WordPress Plugin Complianz Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on PHP and MySQL servers. WordPress plugin is an...
CVE-2024-2069
A vulnerability classified as critical has been found in SourceCodester FAQ Management System 1.0. Affected is an unknown function of the file /endpoint/delete-faq.php. The manipulation of the argument faq leads to SQL injection. It is possible to launch the attack remotely. The exploit has been...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel due to a resource leak in the delete function...
CRMEB Path Traversal Vulnerability
Zhongbang CRMEB is an open source e-commerce management system from Xi'an Zhongbang Networks. CRMEB version 5.2.2 has a path traversal vulnerability, which stems from the save/delete function of the file /adminapi/system/crud...
Directory Traversal in evershop
Directory Traversal vulnerability in EverShop NPM versions before v.1.0.0-rc.8 allows a remote attacker to obtain sensitive information via a crafted request to the DELETE function in api/files endpoint...
GHSA-RWF3-W4JQ-F4CM Directory Traversal in evershop
Directory Traversal vulnerability in EverShop NPM versions before v.1.0.0-rc.8 allows a remote attacker to obtain sensitive information via a crafted request to the DELETE function in api/files endpoint...
Directory traversal
Directory Traversal vulnerability in EverShop NPM versions before v.1.0.0-rc.8 allows a remote attacker to obtain sensitive information via a crafted request to the DELETE function in api/files endpoint...
CVE-2023-46496
CVE-2023-46496 affects EverShop NPM prior to 1.0.0-rc.8. Affected component: the API endpoint DELETE /api/files, where a directory traversal issue allows a remote attacker to obtain sensitive information. Root cause: unvalidated path handling in the files API enables traversal to restricted files...
CVE-2023-46496
Directory Traversal vulnerability in EverShop NPM versions before v.1.0.0-rc.8 allows a remote attacker to obtain sensitive information via a crafted request to the DELETE function in api/files endpoint...
WordPress plugin Thumbnail Slider With Lightbox Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
PT-2023-30857 · Unknown · Sourcecodester Simple Book Catalog App
Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Book Catalog App version 1.0 Description: A critical vulnerability was found in the SourceCodester Simple Book Catalog App, affecting an unknown functionality of the file delete book.php. The manipulation of the delete...
CVE-2023-34217 Second Order Command-injection Vulnerability in the Certificate-delete Function
TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to a command-injection vulnerability. This vulnerability stems from insufficient input validation in the certificate-delete function, which could potentially allow malicious user...
CVE-2020-27514
Directory Traversal vulnerability in the delete function in admin.api.TemplateController in ZrLog version 2.1.15 allows remote attackers to delete arbitrary files and cause a denial of service (DoS)...
Directory traversal
Directory Traversal vulnerability in the delete function in admin.api.TemplateController in ZrLog version 2.1.15 allows remote attackers to delete arbitrary files and cause a denial of service (DoS)...
Improper Input Validation
prestashop/prestashop is vulnerable to Improper Input Validation. The vulnerability exists in the delete function at CustomerMessage.php because the file input is not properly handled, which allows an attacker to delete an arbitrary file...
Improper Input Validation
prestashop/prestashop is vulnerable to Improper Input Validation. The vulnerability exists in the delete function of Attachment.php because the file parameter is not properly handled, which allows an attacker to delete arbitrary files...