|
191
|
8.8 |
HIGH
Network
|
mayurik
|
best_house_rental_management_system
|
A vulnerability has been found in SourceCodester Best House Rental Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /ajax.php?action=update_accoun…
Update
|
CWE-89
SQL Injection
|
CVE-2024-9041
|
2024-09-28 00:57 |
2024-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
192
|
5.4 |
MEDIUM
Network
|
mayurik
|
best_house_rental_management_system
|
A vulnerability has been found in SourceCodester Best House Rental Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /ajax.ph…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-9033
|
2024-09-28 00:56 |
2024-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
193
|
6.1 |
MEDIUM
Network
|
xootix
|
waitlist_woocommerce
|
The Waitlist Woocommerce ( Back in stock notifier ) plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-8724
|
2024-09-28 00:56 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194
|
9.8 |
CRITICAL
Network
code-projects
|
blood_bank_system
|
A vulnerability classified as critical was found in code-projects Blood Bank System 1.0. This vulnerability affects unknown code of the file /admin/blood/update/o-.php. The manipulation of the argume…
Update
|
CWE-89
SQL Injection
|
CVE-2024-9094
|
2024-09-28 00:54 |
2024-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
195
|
5.5 |
MEDIUM
Local
|
code-projects
|
blood_bank_management_system
|
A vulnerability, which was classified as problematic, was found in code-projects Blood Bank Management System 1.0. This affects an unknown part of the component Password Handler. The manipulation lea…
Update
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2024-9040
|
2024-09-28 00:53 |
2024-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196
|
5.4 |
MEDIUM
Network
|
wpgogo
|
custom_field_template
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Hiroaki Miyashita Custom Field Template allows Stored XSS.This issue affects Custom Field …
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-44062
|
2024-09-28 00:49 |
2024-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197
|
- |
|
-
|
-
|
A null-dereference vulnerability involving parsing requests specifying invalid protocols can cause the application to crash or potentially result in other undesirable effects. This issue affects Face…
New
|
-
|
CVE-2024-45863
|
2024-09-28 00:35 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198
|
- |
|
-
|
-
|
A use-after-free vulnerability involving upgradeToRocket requests can cause the application to crash or potentially result in code execution or other undesirable effects. This issue affects Facebook …
New
|
-
|
CVE-2024-45773
|
2024-09-28 00:35 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199
|
- |
|
-
|
-
|
An arbitrary file upload vulnerability in YPay 1.2.0 allows attackers to execute arbitrary code via a ZIP archive to themePutFile in app/common/util/Upload.php (called from app/admin/controller/ypay/…
New
|
-
|
CVE-2024-46441
|
2024-09-28 00:35 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200
|
- |
|
-
|
-
|
Monica AI Assistant desktop application v2.3.0 is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor. A prompt injection allows an attacker to modify chatbot answer with an unlo…
New
|
-
|
CVE-2024-45989
|
2024-09-28 00:35 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
