31
|
- |
|
-
|
-
|
A vulnerability was found in SourceCodester Inventory Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /app/action/ad…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-9323
|
2024-09-29 16:15 |
2024-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
32
|
- |
|
-
|
-
|
A vulnerability was found in code-projects Supply Chain Management 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/edit_manufacturer.php. The manipulation …
New
|
CWE-89
SQL Injection
|
CVE-2024-9322
|
2024-09-29 12:15 |
2024-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
33
|
- |
|
-
|
-
|
A vulnerability was found in SourceCodester Online Railway Reservation System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/inquiries/view_details.php.…
New
|
CWE-284
Improper Access Control
|
CVE-2024-9321
|
2024-09-29 10:15 |
2024-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
34
|
7.5 |
HIGH
Network
rapidscada
|
rapid_scada
|
CheckUser in ScadaServerEngine/MainLogic.cs in Rapid SCADA through 5.8.4 allows an empty password.
Update
|
CWE-521
Weak Password Requirements
|
CVE-2024-47221
|
2024-09-29 09:45 |
2024-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
35
|
6.5 |
MEDIUM
Network
|
zte
|
mf296r_firmware
|
There is a buffer overflow vulnerability in ZTE MF296R. Due to insufficient validation of the SMS parameter length, an authenticated attacker could use the vulnerability to perform a denial of servic…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2022-39068
|
2024-09-29 09:41 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
36
|
4.8 |
MEDIUM
Network
|
decidim
|
decidim
|
decidim is a Free Open-Source participatory democracy, citizen participation and open government for cities and organizations. The WYSWYG editor QuillJS is subject to potential XSS attach in case the…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-39910
|
2024-09-29 09:33 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
37
|
6.1 |
MEDIUM
Network
|
rws
|
multitrans
|
Multiple stored cross-site scripting (XSS) vulnerabilities in RWS MultiTrans v7.0.23324.2 and earlier allow attackers to execute arbitrary web scripts or HTML via a crafted payload.
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-43024
|
2024-09-29 09:27 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
38
|
5.6 |
MEDIUM
Local
|
microsoft
|
windows_11_22h2 windows_11_23h2
|
Windows Kernel Information Disclosure Vulnerability
Update
|
NVD-CWE-noinfo
|
CVE-2024-37985
|
2024-09-29 09:26 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
39
|
4.9 |
MEDIUM
Network
|
ibm
|
business_automation_workflow
|
IBM Business Automation Workflow
22.0.2, 23.0.1, 23.0.2, and 24.0.0
could allow a privileged user to perform unauthorized activities due to improper client side validation.
Update
|
NVD-CWE-Other
|
CVE-2024-43188
|
2024-09-29 09:24 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
40
|
9.0 |
CRITICAL
Network
|
acquia
|
mautic
|
Prior to the patched version, there is an XSS vulnerability in the description fields within the Mautic application which could be exploited by a logged in user of Mautic with the appropriate permiss…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2021-27915
|
2024-09-29 09:22 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|