Show filters
322,620 Total Results
Displaying 1-10 of 10,000
Refine your search criteria for more targeted results.
Sort by:
Attacker Value
Unknown

CVE-2024-8611

Disclosure Date: September 09, 2024 (last updated September 10, 2024)
A vulnerability classified as critical was found in itsourcecode Tailoring Management System 1.0. Affected by this vulnerability is an unknown functionality of the file ssms.php. The manipulation of the argument customer leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
0
Attacker Value
Unknown

CVE-2024-8610

Disclosure Date: September 09, 2024 (last updated September 10, 2024)
A vulnerability classified as problematic has been found in SourceCodester Best House Rental Management System 1.0. Affected is an unknown function of the file /index.php?page=tenants of the component New Tenant Page. The manipulation of the argument Last Name/First Name/Middle Name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
0
Attacker Value
Unknown

CVE-2024-44411

Disclosure Date: September 09, 2024 (last updated September 10, 2024)
D-Link DI-8300 v16.07.26A1 is vulnerable to command injection via the msp_info_htm function.
0
Attacker Value
Unknown

CVE-2024-44410

Disclosure Date: September 09, 2024 (last updated September 10, 2024)
D-Link DI-8300 v16.07.26A1 is vulnerable to command injection via the upgrade_filter_asp function.
0
Attacker Value
Unknown

CVE-2024-27365

Disclosure Date: September 09, 2024 (last updated September 10, 2024)
An issue was discovered in Samsung Mobile Processor Exynos Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930. In the function slsi_rx_blockack_ind(), there is no input validation check on a length coming from userspace, which can lead to a potential heap over-read.
0
Attacker Value
Unknown

CVE-2024-6796

Disclosure Date: September 09, 2024 (last updated September 10, 2024)
In Baxter Connex health portal released before 8/30/2024, an improper access control vulnerability has been found that could allow an unauthenticated attacker to gain unauthorized access to Connex portal's database and/or modify content.
0
Attacker Value
Unknown

CVE-2024-6795

Disclosure Date: September 09, 2024 (last updated September 10, 2024)
In Connex health portal released before8/30/2024, SQL injection vulnerabilities were found that could have allowed an unauthenticated attacker to gain unauthorized access to Connex portal's database.  An attacker could have submitted a crafted payload to Connex portal that could have resulted in modification and disclosure of database content and/or perform administrative operations including shutting down the database.
0
Attacker Value
Unknown

CVE-2024-44902

Disclosure Date: September 09, 2024 (last updated September 10, 2024)
A deserialization vulnerability in Thinkphp v6.1.3 to v8.0.4 allows attackers to execute arbitrary code.
0
Attacker Value
Unknown

CVE-2024-44725

Disclosure Date: September 09, 2024 (last updated September 10, 2024)
AutoCMS v5.4 was discovered to contain a SQL injection vulnerability via the sidebar parameter at /admin/robot.php.
0
Attacker Value
Unknown

CVE-2024-44724

Disclosure Date: September 09, 2024 (last updated September 10, 2024)
AutoCMS v5.4 was discovered to contain a PHP code injection vulnerability via the txtsite_url parameter at /admin/site_add.php. This vulnerability allows attackers to execute arbitrary PHP code via injecting a crafted value.
0