Total
343764 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-8003 | 1 Gotribe | 1 Gotribe-admin | 2024-08-21 | 2.7 LOW | 9.8 CRITICAL |
| A vulnerability was found in Go-Tribe gotribe-admin 1.0 and classified as problematic. Affected by this issue is the function InitRoutes of the file internal/app/routes/routes.go of the component Log Handler. The manipulation leads to deserialization. The patch is identified as 45ac90d6d1f82716f77dbcdf8e7309c229080e3c. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2024-8005 | 1 Demozx | 1 Gf Cms | 2024-08-21 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability was found in demozx gf_cms 1.0/1.0.1. It has been classified as critical. This affects the function init of the file internal/logic/auth/auth.go of the component JWT Authentication. The manipulation leads to hard-coded credentials. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.0.2 is able to address this issue. The patch is named be702ada7cb6fdabc02689d90b38139c827458a5. It is recommended to upgrade the affected component. | |||||
| CVE-2024-30949 | 1 Newlib Project | 1 Newlib | 2024-08-21 | N/A | 9.8 CRITICAL |
| An issue in newlib v.4.3.0 allows an attacker to execute arbitrary code via the time unit scaling in the _gettimeofday function. | |||||
| CVE-2024-7945 | 1 Adonesevangelista | 1 Laravel Property Management System | 2024-08-21 | 4.0 MEDIUM | 5.4 MEDIUM |
| A vulnerability was found in itsourcecode Laravel Property Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/notes/create of the component Notes Page. The manipulation of the argument Note text leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-7944 | 1 Adonesevangelista | 1 Laravel Property Management System | 2024-08-21 | 6.5 MEDIUM | 8.8 HIGH |
| A vulnerability was found in itsourcecode Laravel Property Management System 1.0. It has been classified as critical. Affected is the function UpdateDocumentsRequest of the file DocumentsController.php. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-42577 | 1 Siamonhasan | 1 Warehouse Inventory System | 2024-08-21 | N/A | 8.8 HIGH |
| A Cross-Site Request Forgery (CSRF) in the component add_product.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. | |||||
| CVE-2024-7929 | 1 Oretnom23 | 1 Simple Forum Website | 2024-08-21 | 5.0 MEDIUM | 6.1 MEDIUM |
| A vulnerability, which was classified as problematic, was found in SourceCodester Simple Forum Website 1.0. This affects an unknown part of the file /registration.php of the component Signup Page. The manipulation of the argument username leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-7946 | 1 Adonesevangelista | 1 Online Blood Bank Management System | 2024-08-21 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability was found in itsourcecode Online Blood Bank Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file register.php of the component User Signup. The manipulation of the argument user leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-7947 | 1 Janobe | 1 Point Of Sales And Inventory Management System | 2024-08-21 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability classified as critical has been found in SourceCodester Point of Sales and Inventory Management System 1.0. This affects an unknown part of the file login.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-42335 | 1 7-twenty | 1 Bot | 2024-08-21 | N/A | 5.4 MEDIUM |
| 7Twenty - CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |||||
| CVE-2024-42566 | 1 Arajajyothibabu | 1 School Management System | 2024-08-21 | N/A | 9.8 CRITICAL |
| School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the password parameter at login.php | |||||
| CVE-2024-42567 | 1 Arajajyothibabu | 1 School Management System | 2024-08-21 | N/A | 9.8 CRITICAL |
| School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the sid parameter at /search.php?action=2. | |||||
| CVE-2024-42570 | 1 Arajajyothibabu | 1 School Management System | 2024-08-21 | N/A | 9.8 CRITICAL |
| School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at admininsert.php. | |||||
| CVE-2024-42574 | 1 Arajajyothibabu | 1 School Management System | 2024-08-21 | N/A | 9.8 CRITICAL |
| School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at attendance.php. | |||||
| CVE-2024-42575 | 1 Arajajyothibabu | 1 School Management System | 2024-08-21 | N/A | 9.8 CRITICAL |
| School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at substaff.php. | |||||
| CVE-2024-42580 | 1 Siamonhasan | 1 Warehouse Inventory System | 2024-08-21 | N/A | 8.8 HIGH |
| A Cross-Site Request Forgery (CSRF) in the component edit_group.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. | |||||
| CVE-2024-42581 | 1 Siamonhasan | 1 Warehouse Inventory System | 2024-08-21 | N/A | 8.8 HIGH |
| A Cross-Site Request Forgery (CSRF) in the component delete_group.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. | |||||
| CVE-2024-42582 | 1 Siamonhasan | 1 Warehouse Inventory System | 2024-08-21 | N/A | 8.8 HIGH |
| A Cross-Site Request Forgery (CSRF) in the component delete_categorie.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. | |||||
| CVE-2024-42583 | 1 Siamonhasan | 1 Warehouse Inventory System | 2024-08-21 | N/A | 8.8 HIGH |
| A Cross-Site Request Forgery (CSRF) in the component delete_user.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. | |||||
| CVE-2024-42603 | 1 Pligg | 1 Pligg Cms | 2024-08-21 | N/A | 8.8 HIGH |
| Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_backup.php?dobackup=clearall | |||||