PT-2024-15795 · Mldong · Mldong
Name of the Vulnerable Software and Affected Versions: mldong version 1.0 Description: A critical issue has been found in mldong, affecting the ExpressionEngine function of the file com/mldong/modules/wf/engine/model/DecisionModel.java. This issue leads to code injection and can be initiated...
PT-2024-1561 · Sap · Sap Lt Replication Server
Name of the Vulnerable Software and Affected Versions: SAP LT Replication Server versions S4CORE 103 through S4CORE 108 Description: The issue is related to improper authorization in the SAP LT Replication Server. This could allow a remote attacker with high privileges to perform unintended...
PT-2023-8937 · Outdoorbits · Little-Backup-Box
Name of the Vulnerable Software and Affected Versions: outdoorbits little-backup-box versions prior to f39f91c Description: The issue allows remote attackers to execute arbitrary code because the PHP extract function is used for untrusted input. This is due to insufficient validation of input dat...
PT-2023-32880 · Unknown · Code-Projects Library Management System
Name of the Vulnerable Software and Affected Versions: code-projects Library Management System version 2.0 Description: A critical issue has been found in the processing of the file login.php, where the manipulation of the student argument leads to SQL injection. This issue can be exploited...
PT-2023-8333 · Sqlite +10 · Sqlite +10
Name of the Vulnerable Software and Affected Versions: SQLite versions up to 3.43.0 Description: A critical issue affects the sessionReadRecord function of the file ext/session/sqlite3session.c, leading to a heap-based buffer overflow. This can be exploited by a remote attacker to impact...
PT-2023-8533 · Totolink · Totolink Ex1200T
Name of the Vulnerable Software and Affected Versions: TOTOLINK EX1200L version 9.3.5u.6146 B20201023 Description: The issue concerns the NTPSyncWithHost function in the cstecgi.cgi file of the TOTOLINK EX1200L router's firmware. It allows for arbitrary command execution due to the lack of proper...
PT-2023-32643 · Unknown · Voovi Social Networking Script
Name of the Vulnerable Software and Affected Versions: Voovi Social Networking Script version 1.0 Description: A SQL injection vulnerability has been reported in Voovi Social Networking Script, affecting the photo.php file with multiple parameters. This could allow a remote attacker to send a...
CVE-2023-32836
In display, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08126725; Issue ID: ALPS08126725...
PT-2023-29521 · Unknown · Online Food Ordering System
Name of the Vulnerable Software and Affected Versions: Online Food Ordering System version 1.0 Description: The issue concerns multiple Unauthenticated SQL Injection vulnerabilities in the Online Food Ordering System. Specifically, the deleted parameter of the routers/user-router.php resource doe...
PT-2023-20740 · Idweb · Idweb
Name of the Vulnerable Software and Affected Versions: IDWeb application versions 3.1.052 and earlier Description: The issue is related to missing authentication in the SearchStudents method, allowing unauthenticated attackers to extract sensitive student data. Recommendations: For versions 3.1.0...
PT-2023-29814 · Unknown · Thingnario Photon
Name of the Vulnerable Software and Affected Versions: ThingNario Photon version 1.0 Description: An issue in the software allows a remote attacker to execute arbitrary code and escalate privileges via a crafted script to the ping function at the "thingnario Logger Maintenance Webpage" endpoint...
PT-2023-32198 · Unknown · Kphrx Pleroma
Name of the Vulnerable Software and Affected Versions: kphrx pleroma affected versions not specified Description: A vulnerability was found in kphrx pleroma, classified as problematic. It affects the function Pleroma.Emoji.Pack of the file lib/pleroma/emoji/pack.ex. The manipulation of the argume...
PT-2023-6506 · Ibm · Ibm App Connect Enterprise +1
Name of the Vulnerable Software and Affected Versions: IBM App Connect Enterprise versions 11.0.0.1 through 11.0.0.23; IBM App Connect Enterprise versions 12.0.1.0 through 12.0.10.0; IBM Integration Bus versions 10.1 through 10.1.0.1 Description: The issue is related to insufficient input validatio...
PT-2023-5788 · Acronis · Acronis Cyber Protect 16 +2
Name of the Vulnerable Software and Affected Versions: Acronis Cyber Protect Cloud Agent Windows versions before build 36497; Acronis Cyber Protect 16 Windows versions before build 37391; Acronis Agent Windows versions before build 36497 Description: The issue is related to a local privilege...
PT-2023-31999 · Unknown · Sourcecodester Engineers Online Portal
Name of the Vulnerable Software and Affected Versions: SourceCodester Engineers Online Portal version 1.0 Description: A critical issue was found in the login functionality, specifically in the file login.php. The manipulation of the username and password arguments leads to SQL injection. This...
PT-2023-10354 · Unknown · Doc2K Re-Chat
Name of the Vulnerable Software and Affected Versions: Doc2k RE-Chat version 1.0 Description: A vulnerability was found in Doc2k RE-Chat, which has been classified as problematic. This affects an unknown part of the file js on radio-emergency.de /re chat.js. The manipulation leads to cross site...
PT-2023-27211 · Geonode · Geonode
Name of the Vulnerable Software and Affected Versions: GeoNode versions 3.2.0 through 4.1.2 Description: The issue concerns a server-side request forgery problem in GeoNode. Specifically, the endpoint /proxy/?url= does not properly protect against this type of attack, allowing an attacker to port...
PT-2023-7750 · Sangoma +2 · Asterisk +3
Name of the Vulnerable Software and Affected Versions: Asterisk versions 18.20.0 and prior; Asterisk versions 20.5.0 and prior; Asterisk version 21.0.0; certified-asterisk versions 18.9-cert5 and prior Description: The issue is related to the PJSIP_HEADER dialplan function in Asterisk, where the...
PT-2024-20949 · Imlib2 +1 · Imlib2 +1
Name of the Vulnerable Software and Affected Versions: imlib2 version 1.9.1 Description: An issue in the imlib_load_image_with_error_return function allows attackers to cause a heap buffer overflow via parsing a crafted image. Recommendations: For imlib2 version 1.9.1, consider disabling the imli...
PT-2023-23453 · Sourcecodester · Sourcecodester Lost/Found Information System
Name of the Vulnerable Software and Affected Versions: SourceCodester Lost and Found Information System version 1.0 Description: A critical issue was found in the SourceCodester Lost and Found Information System. The problem affects an unknown function of the file adminusermanage user.php. The...