Lucene search
K

229 matches found

BDU FSTEC
BDU FSTEC
added 2024/10/03 12:0 a.m.5 views

The vulnerability of the Grafana Agent’s data visualization system lies in the lack of quotation marks when writing elements or search paths, allowing attackers to exploit their privileges.

The vulnerability of the Grafana Agent visualization system is related to the absence of quotation marks in the writing of elements or search paths. Exploiting this vulnerability can allow attackers to increase their privileges...

7.3CVSS7.2AI score0.00264EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2024/09/22 5:15 a.m.7 views

CVE-2024-9079

A vulnerability was found in code-projects Student Record System 1.0 and classified as critical. This issue affects some unknown processing of the file /marks.php. The manipulation of the argument coursename leads to sql injection. The attack may be initiated remotely. The exploit has been...

9.8CVSS5.8AI score0.00737EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/09/22 12:0 a.m.3 views

Code-Projects Student Record System SQL注入漏洞

Code-Projects Student Record System is a Code-Projects open source student record system. Code-Projects Student Record System version 1.0 has a SQL injection vulnerability, the vulnerability stems from the SQL injection of the coursename parameter in the /marks.php file...

9.8CVSS7.9AI score0.00737EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2024/09/21 12:0 a.m.5 views

PT-2024-39413 · Unknown · Code-Projects Student Record System

Name of the Vulnerable Software and Affected Versions: code-projects Student Record System version 1.0 Description: A critical issue affects the processing of the file /marks.php. The manipulation of the argument coursename leads to SQL injection. The attack may be initiated remotely...

9.8CVSS8.2AI score0.00737EPSS
Exploits1References15
NVD
NVD
added 2024/09/20 4:15 p.m.20 views

CVE-2024-9037

A vulnerability classified as critical has been found in Codezips Internal Marks Calculation 1.0. Affected is an unknown function of the file index.php. The manipulation of the argument tid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the...

7.5CVSS0.0062EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/09/20 3:31 p.m.13 views

CVE-2024-9037 Codezips Internal Marks Calculation index.php sql injection

A vulnerability classified as critical has been found in Codezips Internal Marks Calculation 1.0. Affected is an unknown function of the file index.php. The manipulation of the argument tid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the...

7.5CVSS0.0062EPSS
Exploits1References4
CVE
CVE
added 2024/09/20 3:31 p.m.76 views

CVE-2024-9037

CVE-2024-9037 affects Codezips Internal Marks Calculation 1.0. The vulnerability is an SQL injection in an unknown function of the file index.php triggered by manipulating the tid parameter, allowing remote execution of queries. Multiple sources (NVD, Red Hat, CVE list, and others) confirm a crit...

7.5CVSS7.6AI score0.0062EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2024/09/20 12:0 a.m.3 views

Codezips Internal Marks Calculation SQL注入漏洞

Codezips Internal Marks Calculation is a Codezips open source student portal built with PHP. A SQL injection vulnerability exists in Codezips Internal Marks Calculation version 1.0, which stems from an SQL injection in the parameter tid...

7.5CVSS7.9AI score0.0062EPSS
Exploits1References6
BDU FSTEC
BDU FSTEC
added 2024/09/18 12:0 a.m.6 views

The vulnerability of the Setup/Deployment component of the Windows operating system, which allows a hacker to increase their privileges

The vulnerability of the Setup/Deployment component of the Windows operating system is related to the absence of quotation marks in the syntax of certain elements or search paths. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8CVSS5.4AI score0.00615EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/09/02 12:0 a.m.6 views

The vulnerability of the Hitachi Device Manager storage management system lies in the absence of quotation marks in the wording of elements or search paths. This allows attackers to influence the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Hitachi Device Manager storage management system is related to the absence of quotation marks in the wording of elements or search paths. Exploiting this vulnerability can allow attackers to compromise the confidentiality, integrity, and accessibility of protected...

6.8CVSS6.6AI score0.00165EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2024/08/07 5:15 p.m.4 views

CVE-2024-41243

An Incorrect Access Control vulnerability was found in /smsa/viewmarks.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view MARKS details...

5.3CVSS5.8AI score0.00514EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/08/07 12:0 a.m.11 views

CVE-2024-41243

An Incorrect Access Control vulnerability was found in /smsa/viewmarks.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view MARKS details...

7.1AI score0.00514EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/08/07 12:0 a.m.18 views

CVE-2024-41243

An Incorrect Access Control vulnerability was found in /smsa/viewmarks.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view MARKS details...

0.00514EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/08/07 12:0 a.m.4 views

Kashipara Responsive School Management System 安全漏洞

Kashipara Responsive School Management System is a school management system from Kashipara. A security vulnerability exists in Kashipara Responsive School Management System version v3.2.0, which stems from an incorrect access control vulnerability contained in the /smsa/viewmarks.php file...

5.3CVSS6.7AI score0.00514EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2024/08/07 12:0 a.m.4 views

PT-2024-29321 · Unknown · Kashipara Responsive School Management System

Name of the Vulnerable Software and Affected Versions: Kashipara Responsive School Management System version 3.2.0 Description: An issue was found in the /smsa/view marks.php endpoint, allowing remote unauthenticated attackers to view MARKS details due to incorrect access control. Recommendations...

5.3CVSS7.1AI score0.00514EPSS
Exploits1References4
CVE
CVE
added 2024/08/07 12:0 a.m.36 views

CVE-2024-41243

CVE-2024-41243 : An Incorrect Access Control flaw exists in Kashipara Responsive School Management System v3.2.0, in the /smsa/view_marks.php endpoint. The vulnerability allows remote unauthenticated attackers to view MARKS details, exposing confidential student data. The public documents do not ...

5.3CVSS6.8AI score0.00514EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2024/08/06 12:33 p.m.10 views

SUSE-SU-2024:2776-1 Security update for dri3proto, presentproto, wayland-protocols, xwayland

This update for dri3proto, presentproto, wayland-protocols, xwayland fixes the following issues: Changes in presentproto: update to version 1.4 patch generated from xorgproto-2024.1 sources Changes in wayland-protocols: - Update to version 1.36: xdg-dialog: fix missing namespace in protocol name ...

7.8CVSS8AI score0.01843EPSS
Exploits0References9
BDU FSTEC
BDU FSTEC
added 2024/07/23 12:0 a.m.5 views

The vulnerability of the installation package for the FTRA software, a remote access solution for Rockwell Automation’s FactoryTalk Remote Access systems, allows a perpetrator to execute arbitrary code.

The vulnerability of the installation package of the FTRA software for remote access to Rockwell Automation’s FactoryTalk Remote Access systems is related to the absence of quotation marks in the syntax of certain elements or search paths. Exploiting this vulnerability could allow an attacker to...

6.8CVSS6AI score0.00272EPSS
Exploits0References3Affected Software1
Amazon
Amazon
added 2024/07/11 12:0 a.m.4 views

Medium: harfbuzz

Issue Overview: hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger On^2 growth via consecutive marks during the process of looking back for base glyphs when attaching marks. CVE-2023-25193 Affected Packages: harfbuzz Note: This advisory is applicable to Amazon Linux 2...

7.5CVSS7AI score0.01812EPSS
Exploits0
Oracle linux
Oracle linux
added 2024/05/23 12:0 a.m.33 views

harfbuzz security update

1.7.5-4 - Resolves:RHEL-8400 allows attackers to trigger On^2 growth via consecutive marks...

7.5CVSS7.1AI score0.01812EPSS
Exploits0
Rows per page
Query Builder