231
|
9.8 |
CRITICAL
Network
mayurik
|
modern_loan_management_system
|
A vulnerability was found in SourceCodester Modern Loan Management System 1.0. It has been classified as critical. Affected is an unknown function of the file search_member.php. The manipulation of t…
Update
|
CWE-89
SQL Injection
|
CVE-2024-9090
|
2024-09-28 01:22 |
2024-09-23 |
232
|
5.4 |
MEDIUM
Network
|
mayurik
|
modern_loan_management_system
|
A vulnerability was found in SourceCodester Modern Loan Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file update_loan_record.php. The manipul…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-9089
|
2024-09-28 01:21 |
2024-09-23 |
233
|
7.3 |
HIGH
Network
pluginus
|
fox_-_currency_switcher_professional_for_woocommerce
|
The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.4.2.1. This is due to the soft…
Update
|
CWE-94
Code Injection
|
CVE-2024-8271
|
2024-09-28 01:21 |
2024-09-14 |
234
|
4.8 |
MEDIUM
Network
|
razormist
|
employee_management_system
|
A vulnerability classified as problematic has been found in SourceCodester Employee Management System 1.0. This affects an unknown part of the file /Admin/add-admin.php. The manipulation of the argum…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-9083
|
2024-09-28 01:20 |
2024-09-22 |
235
|
9.8 |
CRITICAL
Network
code-projects
|
restaurant_reservation_system
|
A vulnerability was found in code-projects Restaurant Reservation System 1.0. It has been rated as critical. This issue affects some unknown processing of the file index.php. The manipulation of the …
Update
|
CWE-89
SQL Injection
|
CVE-2024-9085
|
2024-09-28 01:19 |
2024-09-22 |
236
|
9.8 |
CRITICAL
Network
oretnom23
|
online_eyewear_shop
|
A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /Users.php?f=save of the component …
Update
|
CWE-863
Incorrect Authorization
|
CVE-2024-9082
|
2024-09-28 01:18 |
2024-09-22 |
237
|
7.5 |
HIGH
Network
oretnom23
|
online_eyewear_shop
|
A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file view_category.php. The ma…
Update
|
CWE-89
SQL Injection
|
CVE-2024-9081
|
2024-09-28 01:17 |
2024-09-22 |
238
|
- |
|
-
|
-
|
mudler/localai version 2.17.1 is vulnerable to remote code execution. The vulnerability arises because the localai backend receives inputs not only from the configuration file but also from other inp…
New
|
CWE-94
Code Injection
|
CVE-2024-6983
|
2024-09-28 01:15 |
2024-09-28 |
239
|
- |
|
-
|
-
|
authentik is an open-source identity provider. Prior to versions 2024.8.3 and 2024.6.5, access tokens issued to one application can be stolen by that application and used to impersonate the user agai…
New
|
CWE-863
Incorrect Authorization
|
CVE-2024-47077
|
2024-09-28 01:15 |
2024-09-28 |
240
|
- |
|
-
|
-
|
authentik is an open-source identity provider. A vulnerability that exists in versions prior to 2024.8.3 and 2024.6.5 allows bypassing password login by adding X-Forwarded-For header with an unparsab…
New
|
CWE-287
Improper Authentication
|
CVE-2024-47070
|
2024-09-28 01:15 |
2024-09-28 |