| 1661 | 5.4 | MEDIUM | Network | code-projects | blood_bank_system | A vulnerability classified as problematic was found in code-projects Blood Bank System 1.0. This vulnerability affects unknown code of the file bbms.php. The manipulation of the argument fullname/age… | CWE-79 Cross-site Scripting | CVE-2024-9084 | 2024-09-27 00:29 | 2024-09-22 |
| 1662 | 6.5 | MEDIUM | Network | apexsoftcell | ld_geo ld_dp_back_office | This vulnerability exists in Apex Softcell LD DP Back Office due to improper implementation of the OTP validation mechanism in certain API endpoints. An authenticated remote attacker could exploit this v… | NVD-CWE-Other | CVE-2024-47086 | 2024-09-27 00:29 | 2024-09-19 |
| 1663 | 9.8 | CRITICAL | Network | code-projects | restaurant_reservation_system | A vulnerability classified as critical has been found in code-projects Restaurant Reservation System 1.0. Affected is an unknown function of the file /filter.php. The manipulation of the argument fro… | CWE-89 SQL Injection | CVE-2024-9086 | 2024-09-27 00:26 | 2024-09-23 |
| 1664 | 6.5 | MEDIUM | Network | apexsoftcell | ld_geo ld_dp_back_office | This vulnerability exists in Apex Softcell LD Geo due to improper validation of certain parameters (Client ID, DPID or BOID) in the API endpoint. An authenticated remote attacker could exploit th… | NVD-CWE-Other | CVE-2024-47087 | 2024-09-27 00:25 | 2024-09-19 |
| 1665 | 9.8 | CRITICAL | Network | razormist | telecom_billing_management_system | A vulnerability has been found in SourceCodester Telecom Billing Management System 1.0 and classified as critical. This vulnerability affects the function login. The manipulation of the argument unam… | CWE-120 Classic Buffer Overflow | CVE-2024-9088 | 2024-09-27 00:19 | 2024-09-23 |
| 1666 | 9.8 | CRITICAL | Network | vehicle_management_project | vehicle_management | A vulnerability, which was classified as critical, was found in code-projects Vehicle Management 1.0. This affects an unknown part of the file /edit1.php. The manipulation of the argument sno leads t… | CWE-89 SQL Injection | CVE-2024-9087 | 2024-09-27 00:16 | 2024-09-23 |
| 1667 | 5.4 | MEDIUM | Network | theme-fusion | avada | The Avada \| Website Builder For WordPress & eCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's fusion_button shortcode in all versions up to, and including, … | CWE-79 Cross-site Scripting | CVE-2024-5628 | 2024-09-27 00:14 | 2024-09-13 |
| 1668 | 4.3 | MEDIUM | Network | realestateconnected | easy_property_listings | The Easy Property Listings WordPress plugin before 3.5.4 does not have a CSRF check when deleting contacts in bulk, which could allow attackers to make a logged-in admin delete them via a CSRF attack. | CWE-352 Origin Validation Error | CVE-2024-3163 | 2024-09-27 00:13 | 2024-09-12 |
| 1669 | 7.5 | HIGH | Network | tamparongj_03 | online_graduate_tracer_system | A vulnerability was found in SourceCodester Online Graduate Tracer System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /tracking/admin/fetch_it.php… | CWE-89 SQL Injection | CVE-2024-7845 | 2024-09-27 00:10 | 2024-08-16 |
| 1670 | 6.1 | MEDIUM | Network | wpfactory | wpfactory_helper | The WPFactory Helper plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including,… | CWE-79 Cross-site Scripting | CVE-2024-8656 | 2024-09-27 00:04 | 2024-09-13 |