CVE-2024-4683

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /view/examtimetableinsertform.php. The manipulation of the argument exam leads to cross site scripting. The attack...

Insert or Embed Articulate Content into WordPress <= 4.3000000023 - Author+ Upload to RCE

Description The plugin is not properly filtering which file extensions are allowed to be imported on the server, allowing the uploading of malicious code within zip files PoC Note: This must be tested on a web server running Apache 1 Create a new post 2 Add e-Learning block to the post and upload...

PT-2024-40771 · Unknown · Xpackdynamictable

Name of the Vulnerable Software and Affected Versions: XpackDynamicTable affected versions not specified Description: The issue is related to a crash caused by the use of an uninitialized value. The crash occurs in the XpackDynamicTable:: make space function, which is called by the...

CVE-2024-4514

A vulnerability, which was classified as problematic, was found in Campcodes Complete Web-Based School Management System 1.0. Affected is an unknown function of the file /view/timetableinsertform.php. The manipulation of the argument grade leads to cross site scripting. It is possible to launch t...

Campcodes Complete Web-Based School Management System 跨站脚本漏洞

Campcodes Complete Web-Based School Management System is a Web-based school management system from Campcodes, Inc. A cross-site scripting vulnerability exists in version 1.0 of the Campcodes Complete Web-Based School Management System, which stems from a cross-site scripting vulnerability in the...

PT-2024-31440 · Unknown · Campcodes Complete Web-Based School Management System

Name of the Vulnerable Software and Affected Versions: Campcodes Complete Web-Based School Management System version 1.0 Description: A problematic vulnerability was found in the Campcodes Complete Web-Based School Management System, affecting an unknown function of the file /view/timetable inser...

SUSE CVE-2022-48667

In the Linux kernel, the following vulnerability has been resolved: smb3: fix temporary data corruption in insert range insert range doesn't discard the affected cached region so can risk temporarily corrupting file data. Also includes some minor cleanup avoiding rereading inode size repeatedly...

AZL-67472 CVE-2022-48667 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: smb3: fix temporary data corruption in insert range insert range doesn't discard the affected cached region so can risk temporarily corrupting file data. Also includes some minor cleanup avoiding rereading inode size repeatedly...

DEBIAN-CVE-2022-48667

In the Linux kernel, the following vulnerability has been resolved: smb3: fix temporary data corruption in insert range insert range doesn't discard the affected cached region so can risk temporarily corrupting file data. Also includes some minor cleanup avoiding rereading inode size repeatedly...

UBUNTU-CVE-2022-48667

In the Linux kernel, the following vulnerability has been resolved: smb3: fix temporary data corruption in insert range insert range doesn't discard the affected cached region so can risk temporarily corrupting file data. Also includes some minor cleanup avoiding rereading inode size repeatedly...

CVE-2022-48667

In the Linux kernel, the following vulnerability has been resolved: smb3: fix temporary data corruption in insert range insert range doesn't discard the affected cached region so can risk temporarily corrupting file data. Also includes some minor cleanup avoiding rereading inode size repeatedly...

CVE-2022-48667

In the Linux kernel, the following vulnerability has been resolved: smb3: fix temporary data corruption in insert range insert range doesn't discard the affected cached region so can risk temporarily corrupting file data. Also includes some minor cleanup avoiding rereading inode size repeatedly...

CVE-2022-48667 smb3: fix temporary data corruption in insert range

In the Linux kernel, the following vulnerability has been resolved: smb3: fix temporary data corruption in insert range insert range doesn't discard the affected cached region so can risk temporarily corrupting file data. Also includes some minor cleanup avoiding rereading inode size repeatedly...

RHEL 6 / 7 : rh-postgresql96-postgresql (RHSA-2018:2566)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2566 advisory. PostgreSQL is an advanced object-relational database management system DBMS. The following packages have been upgraded to a later upstre...

kernel: net/sched: sch_hfsc UAF

A use-after-free flaw was found in the Linux kernel's net/sched: schhfsc HFSC qdisc traffic control component that can be exploited to achieve local privilege escalation. If a class with a link-sharing curve, for example, with the HFSCFSC flag set, has a parent without a link-sharing curve, then...

kernel: use-after-free and memory errors in ext4 when mounting and operating on a corrupted image

A use-after-free flaw was found in fs/ext4/namei.c:dxinsertblock in the Linux kernel’s filesystem sub-component. This flaw allows a local attacker with a user privilege to cause a denial of service...

Oracle Java SE Security Update (Apr 2024) -04 - Linux

Oracle Java SE is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-32547

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Max Bond Code Insert Manager Q2W3 Inc Manager allows Reflected XSS.This issue affects Code Insert Manager Q2W3 Inc Manager: from n/a through 2.5.3...

CVE-2024-32547

CVE-2024-32547 is a Reflected XSS in the Code Insert Manager (Q2W3 Inc Manager) WordPress plugin. Affected: Code Insert Manager versions n/a through 2.5.3. Root cause: improper neutralization during web page generation. Impact per sources: potential for injection via input; CVSSv3.1 v3.1 metrics ...

CVE-2024-32547 WordPress Code Insert Manager (Q2W3 Inc Manager) plugin <= 2.5.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Max Bond Code Insert Manager Q2W3 Inc Manager allows Reflected XSS.This issue affects Code Insert Manager Q2W3 Inc Manager: from n/a through 2.5.3...