210 matches found
CVE-2024-35349
A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /admin/category/viewcategory.php. Manipulating the argument id can result in SQL injection...
Fedora: Security Advisory for qt6-qtquick3dphysics (FEDORA-2024-bfb8617ba3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-35359
A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Master.php?f=viewitem. Manipulating the argument id can result in SQL injection...
CVE-2024-35359
A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Master.php?f=viewitem. Manipulating the argument id can result in SQL injection...
CVE-2024-35349
A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /admin/category/viewcategory.php. Manipulating the argument id can result in SQL injection...
CVE-2024-35349
A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /admin/category/viewcategory.php. Manipulating the argument id can result in SQL injection...
CVE-2024-35352
A vulnerability has been discovered in Diño Physics School Assistant version 2.3. This vulnerability impacts unidentified code within the file /classes/Users.php?f=save. Manipulating the parameter middlename results in cross-site scripting...
CVE-2024-35350
A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /admin/?page=borrow/viewborrow. Manipulating the argument id can result in SQL injection...
CVE-2024-35351
A vulnerability has been discovered in Diño Physics School Assistant version 2.3. This vulnerability impacts unidentified code within the file /classes/SystemSettings.php?f=updatesettings. Manipulating the parameter name results in cross-site scripting...
CVE-2024-35351
A vulnerability has been discovered in Diño Physics School Assistant version 2.3. This vulnerability impacts unidentified code within the file /classes/SystemSettings.php?f=updatesettings. Manipulating the parameter name results in cross-site scripting...
CVE-2024-35353
A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Users.php?f=save. Manipulating the argument id can result in improper authorization...
CVE-2024-35352
A vulnerability has been discovered in Diño Physics School Assistant version 2.3. This vulnerability impacts unidentified code within the file /classes/Users.php?f=save. Manipulating the parameter middlename results in cross-site scripting...
CVE-2024-35350
A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /admin/?page=borrow/viewborrow. Manipulating the argument id can result in SQL injection...
CVE-2024-35349
A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /admin/category/viewcategory.php. Manipulating the argument id can result in SQL injection...
CVE-2024-35349
CVE-2024-35349 affects Diño Physics School Assistant 2.3. The vulnerability arises from unvalidated handling of the id argument in /admin/category/view_category.php, enabling SQL injection via that parameter. The CVSS 3.1 score is 9.8 (CRITICAL) with Network attack vector, no privileges required,...
CVE-2024-35350
The CVE-2024-35350 entry concerns Diño Physics School Assistant v2.3. A SQL injection vulnerability exists in the code handling the endpoint /admin/?page=borrow/view_borrow, triggered by manipulating the id parameter. Affected component is the admin borrow viewing logic; root cause is unvalidated...
CVE-2024-35350
A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /admin/?page=borrow/viewborrow. Manipulating the argument id can result in SQL injection...
CVE-2024-35351
CVE-2024-35351 affects Diño Physics School Assistant version 2.3, with a cross-site scripting vulnerability in the code path handling /classes/SystemSettings.php?f=update_settings. The root cause is unvalidated manipulation of the parameter name that can lead to stored/reflective XSS depending on...
CVE-2024-35351
A vulnerability has been discovered in Diño Physics School Assistant version 2.3. This vulnerability impacts unidentified code within the file /classes/SystemSettings.php?f=updatesettings. Manipulating the parameter name results in cross-site scripting...
CVE-2024-35359
A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Master.php?f=viewitem. Manipulating the argument id can result in SQL injection...