
3241 matches found

Vulnrichment
added 2024/02/25 11:31 p.m. · 15 views

CVE-2024-1875 SourceCodester Complaint Management System Lodge Complaint Section register-complaint.php unrestricted upload

A vulnerability was found in SourceCodester Complaint Management System 1.0 and classified as critical. This issue affects some unknown processing of the file users/register-complaint.php of the component Lodge Complaint Section. The manipulation leads to unrestricted upload. The attack may be...

CVSS 6.5 · AI score 6.9 · EPSS 0.00854
Exploits: 1 · References: 3

Cvelist
added 2024/02/25 11:31 p.m. · 27 views

CVE-2024-1875 SourceCodester Complaint Management System Lodge Complaint Section register-complaint.php unrestricted upload

A vulnerability was found in SourceCodester Complaint Management System 1.0 and classified as critical. This issue affects some unknown processing of the file users/register-complaint.php of the component Lodge Complaint Section. The manipulation leads to unrestricted upload. The attack may be...

CVSS 6.5 · AI score 6.7 · EPSS 0.00854
Exploits: 1 · References: 3

Positive Technologies
added 2024/02/25 12:0 a.m. · 4 views

PT-2024-18383 · Sourcecodester · Sourcecodester Complaint Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Complaint Management System version 1.0 Description: A critical issue affects the Lodge Complaint Section component, specifically the file users/register-complaint.php, leading to unrestricted upload. The attack can be initiate...

CVSS 8.8 · AI score 6.7 · EPSS 0.00854
Exploits: 1 · References: 8

CNNVD
added 2024/02/23 12:0 a.m. · 3 views

Simple Student Attendance System Cross-Site Scripting Vulnerability

Simple Student Attendance System is a simple student attendance system. A cross-site scripting vulnerability exists in SourceCodester Simple Student Attendance System version 1.0, which stems from the presence of an unknown section of the page that uses special inputs to cause cross-site scriptin...

CVSS 6.1 · AI score 6 · EPSS 0.00571
Exploits: 1 · References: 2

AlpineLinux
added 2024/02/21 4:15 p.m. · 21 views

CVE-2022-45179

An issue was discovered in LIVEBOX Collaboration vDesk through v031. A basic XSS vulnerability exists under the /api/v1/vdeskintegration/todo/createorupdate endpoint via the title parameter and /dashboard/reminders. A remote user authenticated to the product can store arbitrary HTML code in the...

CVSS 5.4 · AI score 6.6 · EPSS 0.00397
Exploits: 0

Cvelist
added 2024/02/21 12:0 a.m. · 18 views

CVE-2022-45179

An issue was discovered in LIVEBOX Collaboration vDesk through v031. A basic XSS vulnerability exists under the /api/v1/vdeskintegration/todo/createorupdate endpoint via the title parameter and /dashboard/reminders. A remote user authenticated to the product can store arbitrary HTML code in the...

AI score 5.6 · EPSS 0.00397
Exploits: 0 · References: 1

Positive Technologies
added 2024/02/20 12:0 a.m. · 3 views

PT-2024-15840 · WordPress · Cost Of Goods Sold (Cogs): Cost & Profit Calculator

Name of the Vulnerable Software and Affected Versions: The Cost of Goods Sold COGS: Cost & Profit Calculator for WooCommerce plugin for WordPress versions up to, and including, 3.2.8 Description: The issue is related to Reflected Cross-Site Scripting due to insufficient input sanitization and...

CVSS 6.1 · AI score 6.4 · EPSS 0.00397
Exploits: 0 · References: 5

Kitploit
added 2024/02/16 11:30 a.m. · 17 views

NullSection - An Anti-Reversing Tool That Applies A Technique That Overwrites The Section Header With Nullbytes

NullSection is an Anti-Reversing tool that applies a technique that overwrites the section header with nullbytes. Install git clone https://github.com/MatheuZSecurity/NullSection cd NullSection gcc nullsection.c -o nullsection ./nullsection Advantage When running nullsection on any ELF, it could ...

AI score 7.2
Exploits: 0 · References: 1

NVD
added 2024/02/14 7:15 p.m. · 17 views

CVE-2024-25300

A cross-site scripting XSS vulnerability in Redaxo v5.15.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter in the Template section...

CVSS 4.8 · AI score 5 · EPSS 0.00358
Exploits: 0 · References: 1

OSV
added 2024/02/14 3:15 p.m. · 3 views

CVE-2024-25221

A cross-site scripting XSS vulnerability in Task Manager App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Note Section parameter at /TaskManager/Tasks.php...

CVSS 6.1 · AI score 5.9 · EPSS 0.00413
Exploits: 1 · References: 1

NVD
added 2024/02/14 3:15 p.m. · 15 views

CVE-2024-25221

A cross-site scripting XSS vulnerability in Task Manager App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Note Section parameter at /TaskManager/Tasks.php...

CVSS 6.1 · AI score 5.9 · EPSS 0.00413
Exploits: 1 · References: 1

Prion
added 2024/02/14 3:15 p.m. · 63 views

Cross site scripting

A cross-site scripting XSS vulnerability in Task Manager App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Note Section parameter at /TaskManager/Tasks.php...

CVSS 5.8 · AI score 5.9 · EPSS 0.00413
Exploits: 1 · References: 1 · Affected Software: 1

CNNVD
added 2024/02/14 12:0 a.m. · 2 views

Redaxo Cross-Site Scripting Vulnerability

Redaxo is a content management system from Redaxo open source. A cross-site scripting vulnerability exists in Redaxo version v5.15.1 that originates from a payload that allows an attacker to execute arbitrary web script or HTML via a payload injected into the Name parameter of the Template sectio...

CVSS 4.8 · AI score 5.9 · EPSS 0.00358
Exploits: 0 · References: 2

BDU FSTEC
added 2024/02/14 12:0 a.m. · 3 views

The vulnerability of the XWiki Platform, related to improper code generation management, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the XWiki Platform lies in improper code generation management. Exploiting this vulnerability allows an attacker, operating remotely, to compromise the confidentiality, integrity, and accessibility of protected information through the use of the section URL parameter...

CVSS 10 · AI score 7.8 · EPSS 0.88534
Exploits: 1 · References: 5 · Affected Software: 1

CVE
added 2024/02/14 12:0 a.m. · 56 views

CVE-2024-25221

CVE-2024-25221 affects Task Manager App v1.0, where a reflected XSS can be triggered via the Note Section parameter in /TaskManager/Tasks.php. The CVE entry lists a CVSS v3.1 base score of 6.1 (Medium) with network attack vector, low attack complexity, no privileges, user interaction required, an...

CVSS 6.1 · AI score 5.8 · EPSS 0.00413
Exploits: 1 · References: 1 · Affected Software: 1

CVE
added 2024/02/14 12:0 a.m. · 86 views

CVE-2024-25300

CVE-2024-25300 affects Redaxo v5.15.1, exposing an XSS in the Template section via the Name parameter. The root cause is unsanitized input in Name, allowing arbitrary web scripts/HTML execution. Impact is limited to the affected user/recipient interactions as described (no exploit details provide...

CVSS 4.8 · AI score 5.7 · EPSS 0.00358
Exploits: 0 · References: 1 · Affected Software: 1

Cvelist
added 2024/02/14 12:0 a.m. · 18 views

CVE-2024-25221

A cross-site scripting XSS vulnerability in Task Manager App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Note Section parameter at /TaskManager/Tasks.php...

AI score 6 · EPSS 0.00413
Exploits: 1 · References: 1

Cvelist
added 2024/02/14 12:0 a.m. · 14 views

CVE-2024-25300

A cross-site scripting XSS vulnerability in Redaxo v5.15.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter in the Template section...

AI score 5.2 · EPSS 0.00358
Exploits: 0 · References: 1

RedHat Linux
added 2024/02/13 6:55 p.m. · 47 views

Important: Red Hat Security Advisory: dotnet7.0 security update

An update for dotnet7.0 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

CVSS 9.1 · AI score 7.2 · EPSS 0.02707
Exploits: 0 · References: 3

Kaspersky
added 2024/02/13 12:0 a.m. · 141 views

KLA63958 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information, gain privileges, spoof user interface, bypass security restrictions. Below is a complete list of...

CVSS 8.8 · AI score 9.7 · EPSS 0.99995
Exploits: 15 · References: 60