151
|
5.3 |
MEDIUM
Network
arubanetworks
|
edgeconnect_sd-wan_orchestrator
|
A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an unauthenticated remote attacker to conduct a server-side request forgery (SSRF) attack. A succe…
Update
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2023-37440
|
2024-10-30 05:35 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
152
|
6.1 |
MEDIUM
Network
|
arubanetworks
|
edgeconnect_sd-wan_orchestrator
|
Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2023-37439
|
2024-10-30 05:35 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
153
|
7.1 |
HIGH
Local
|
hcltech
|
dryice_iautomate
|
HCL DRYiCE iAutomate is affected by the use of a broken cryptographic algorithm. An attacker can potentially compromise the confidentiality and integrity of sensitive information.
Update
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2023-23347
|
2024-10-30 05:35 |
2023-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
154
|
6.5 |
MEDIUM
Network
|
microfocus
|
dimensions_cm
|
A potential vulnerability has been identified in the Micro Focus Dimensions CM Plugin for Jenkins. The vulnerability allows attackers with Overall/Read permission to enumerate credentials IDs of cre…
Update
|
NVD-CWE-noinfo
|
CVE-2023-32261
|
2024-10-30 05:35 |
2023-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
155
|
5.5 |
MEDIUM
Local
|
hcltechsw
|
hcl_launch
|
HCL Launch could disclose sensitive information if a manual edit of a configuration file has been performed.
Update
|
NVD-CWE-noinfo
|
CVE-2023-23348
|
2024-10-30 05:35 |
2023-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
156
|
9.8 |
CRITICAL
Network
janobe
|
online_hotel_reservation_system
|
A vulnerability, which was classified as critical, has been found in SourceCodester Online Hotel Reservation System 1.0. Affected by this issue is the function upload of the file /guest/update.php. T…
New
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-10413
|
2024-10-30 05:33 |
2024-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
157
|
7.2 |
HIGH
Network
|
janobe
|
online_hotel_reservation_system
|
A vulnerability was found in SourceCodester Online Hotel Reservation System 1.0. It has been classified as critical. Affected is the function doCancelRoom/doCancel/doConfirm/doCancel/doCheckin/doChec…
Update
|
CWE-89
SQL Injection
|
CVE-2024-10411
|
2024-10-30 05:28 |
2024-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
158
|
8.8 |
HIGH
Network
|
fabianros
|
blood_bank_management_system
|
A vulnerability has been found in code-projects Blood Bank Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /file/accept.php. The manipulation of …
New
|
CWE-89
SQL Injection
|
CVE-2024-10415
|
2024-10-30 05:26 |
2024-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
159
|
8.8 |
HIGH
Network
|
fabianros
|
blood_bank_management_system
|
A vulnerability was found in code-projects Blood Bank Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /file/cancel.php. The manipulation of th…
New
|
CWE-89
SQL Injection
|
CVE-2024-10416
|
2024-10-30 05:21 |
2024-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
160
|
8.8 |
HIGH
Network
|
fabianros
|
blood_bank_management_system
|
A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /file/delete.php. The manipulation of the …
New
|
CWE-89
SQL Injection
|
CVE-2024-10417
|
2024-10-30 05:19 |
2024-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|