1731
|
9.8 |
CRITICAL
Network
online_hospital_management_system_project
|
online_hospital_management_system
|
Code-Projects Online Hospital Management System V1.0 is vulnerable to SQL Injection (SQLI) attacks, which allow an attacker to manipulate the SQL queries executed by the application. The application …
|
CWE-89
SQL Injection
|
CVE-2023-37069
|
2024-09-25 10:15 |
2023-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1732
|
9.8 |
CRITICAL
Network
sherlock
|
gym_management_system
|
Code-Projects Gym Management System V1.0 allows remote attackers to execute arbitrary SQL commands via the login form, leading to unauthorized access and potential data manipulation. This vulnerabili…
|
CWE-89
SQL Injection
|
CVE-2023-37068
|
2024-09-25 10:15 |
2023-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1733
|
7.5 |
HIGH
Network
hitachienergy
|
rtu500_firmware
|
A vulnerability exists in HCI IEC 60870-5-104 function included in certain versions of the RTU500 series product. The vulnerability can only be exploited, if the HCI 60870-5-104 is configured with su…
|
CWE-787
Out-of-bounds Write
|
CVE-2022-4608
|
2024-09-25 10:15 |
2023-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1734
|
7.5 |
HIGH
Network
hitachienergy
|
rtu500_firmware
|
A vulnerability exists in the HCI IEC 60870-5-104 function included in certain versions of the RTU500 series product. The vulnerability can only be exploited, if the HCI 60870-5-104 is configured wit…
|
CWE-20
Improper Input Validation
|
CVE-2022-2502
|
2024-09-25 10:15 |
2023-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1735
|
3.3 |
LOW
Local
|
silabs
|
gecko_software_development_kit
|
Buffer overflow in Platform CLI component in Silicon Labs Gecko SDK v4.2.1 and earlier allows user to overwrite limited structures on the heap.
|
CWE-131
Incorrect Calculation of Buffer Size
|
CVE-2023-2687
|
2024-09-25 10:15 |
2023-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1736
|
9.8 |
CRITICAL
Network
ivanti
|
virtual_traffic_management
|
Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1 or 22.7R2 allows a remote unauthenticated attacker to bypass authentication of the admin panel.
|
CWE-287
Improper Authentication
|
CVE-2024-7593
|
2024-09-25 10:00 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1737
|
5.4 |
MEDIUM
Network
|
cyberhobo
|
geo_mashup
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Dylan Kuhn Geo Mashup allows Stored XSS.This issue affects Geo Mashup: from n/a through 1.…
|
CWE-79
Cross-site Scripting
|
CVE-2024-44008
|
2024-09-25 07:08 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1738
|
6.1 |
MEDIUM
Network
|
sktthemes
|
skt_templates
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SKT Themes SKT Templates – Elementor & Gutenberg templates allows Reflected XSS.This issue…
|
CWE-79
Cross-site Scripting
|
CVE-2024-44007
|
2024-09-25 07:08 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1739
|
6.1 |
MEDIUM
Network
|
wclovers
|
wcfm_marketplace
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WC Lovers WCFM Marketplace allows Reflected XSS.This issue affects WCFM Marketplace: from …
|
CWE-79
Cross-site Scripting
|
CVE-2024-44009
|
2024-09-25 07:06 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1740
|
5.4 |
MEDIUM
Network
|
idxbroker
|
impress_for_idx_broker
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in IDX Broker IMPress for IDX Broker allows Stored XSS.This issue affects IMPress for IDX Bro…
|
CWE-79
Cross-site Scripting
|
CVE-2024-44047
|
2024-09-25 07:05 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|