229 matches found
The vulnerability of the Grafana Agent’s data visualization system lies in the lack of quotation marks when writing elements or search paths, allowing attackers to exploit their privileges.
The vulnerability of the Grafana Agent visualization system is related to the absence of quotation marks in the writing of elements or search paths. Exploiting this vulnerability can allow attackers to increase their privileges...
CVE-2024-9079
A vulnerability was found in code-projects Student Record System 1.0 and classified as critical. This issue affects some unknown processing of the file /marks.php. The manipulation of the argument coursename leads to sql injection. The attack may be initiated remotely. The exploit has been...
Code-Projects Student Record System SQL注入漏洞
Code-Projects Student Record System is a Code-Projects open source student record system. Code-Projects Student Record System version 1.0 has a SQL injection vulnerability, the vulnerability stems from the SQL injection of the coursename parameter in the /marks.php file...
PT-2024-39413 · Unknown · Code-Projects Student Record System
Name of the Vulnerable Software and Affected Versions: code-projects Student Record System version 1.0 Description: A critical issue affects the processing of the file /marks.php. The manipulation of the argument coursename leads to SQL injection. The attack may be initiated remotely...
CVE-2024-9037
A vulnerability classified as critical has been found in Codezips Internal Marks Calculation 1.0. Affected is an unknown function of the file index.php. The manipulation of the argument tid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the...
CVE-2024-9037 Codezips Internal Marks Calculation index.php sql injection
A vulnerability classified as critical has been found in Codezips Internal Marks Calculation 1.0. Affected is an unknown function of the file index.php. The manipulation of the argument tid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the...
CVE-2024-9037
CVE-2024-9037 affects Codezips Internal Marks Calculation 1.0. The vulnerability is an SQL injection in an unknown function of the file index.php triggered by manipulating the tid parameter, allowing remote execution of queries. Multiple sources (NVD, Red Hat, CVE list, and others) confirm a crit...
Codezips Internal Marks Calculation SQL注入漏洞
Codezips Internal Marks Calculation is a Codezips open source student portal built with PHP. A SQL injection vulnerability exists in Codezips Internal Marks Calculation version 1.0, which stems from an SQL injection in the parameter tid...
The vulnerability of the Setup/Deployment component of the Windows operating system, which allows a hacker to increase their privileges
The vulnerability of the Setup/Deployment component of the Windows operating system is related to the absence of quotation marks in the syntax of certain elements or search paths. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the Hitachi Device Manager storage management system lies in the absence of quotation marks in the wording of elements or search paths. This allows attackers to influence the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the Hitachi Device Manager storage management system is related to the absence of quotation marks in the wording of elements or search paths. Exploiting this vulnerability can allow attackers to compromise the confidentiality, integrity, and accessibility of protected...
CVE-2024-41243
An Incorrect Access Control vulnerability was found in /smsa/viewmarks.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view MARKS details...
CVE-2024-41243
An Incorrect Access Control vulnerability was found in /smsa/viewmarks.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view MARKS details...
CVE-2024-41243
An Incorrect Access Control vulnerability was found in /smsa/viewmarks.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view MARKS details...
Kashipara Responsive School Management System 安全漏洞
Kashipara Responsive School Management System is a school management system from Kashipara. A security vulnerability exists in Kashipara Responsive School Management System version v3.2.0, which stems from an incorrect access control vulnerability contained in the /smsa/viewmarks.php file...
PT-2024-29321 · Unknown · Kashipara Responsive School Management System
Name of the Vulnerable Software and Affected Versions: Kashipara Responsive School Management System version 3.2.0 Description: An issue was found in the /smsa/view marks.php endpoint, allowing remote unauthenticated attackers to view MARKS details due to incorrect access control. Recommendations...
CVE-2024-41243
CVE-2024-41243 : An Incorrect Access Control flaw exists in Kashipara Responsive School Management System v3.2.0, in the /smsa/view_marks.php endpoint. The vulnerability allows remote unauthenticated attackers to view MARKS details, exposing confidential student data. The public documents do not ...
SUSE-SU-2024:2776-1 Security update for dri3proto, presentproto, wayland-protocols, xwayland
This update for dri3proto, presentproto, wayland-protocols, xwayland fixes the following issues: Changes in presentproto: update to version 1.4 patch generated from xorgproto-2024.1 sources Changes in wayland-protocols: - Update to version 1.36: xdg-dialog: fix missing namespace in protocol name ...
The vulnerability of the installation package for the FTRA software, a remote access solution for Rockwell Automation’s FactoryTalk Remote Access systems, allows a perpetrator to execute arbitrary code.
The vulnerability of the installation package of the FTRA software for remote access to Rockwell Automation’s FactoryTalk Remote Access systems is related to the absence of quotation marks in the syntax of certain elements or search paths. Exploiting this vulnerability could allow an attacker to...
Medium: harfbuzz
Issue Overview: hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger On^2 growth via consecutive marks during the process of looking back for base glyphs when attaching marks. CVE-2023-25193 Affected Packages: harfbuzz Note: This advisory is applicable to Amazon Linux 2...
harfbuzz security update
1.7.5-4 - Resolves:RHEL-8400 allows attackers to trigger On^2 growth via consecutive marks...