301 | 9.8 | CRITICAL Network | fabinros | simple_car_rental_system | A vulnerability classified as critical has been found in code-projects Simple Car Rental System 1.0. Affected is an unknown function of the file /signup.php. The manipulation of the argument fname le… | Update | CWE-89 SQL Injection | CVE-2024-10702 | 2024-11-6 01:52 | 2024-11-3
302 | 6.1 | MEDIUM Network | phpgurukul | car_rental_portal | A vulnerability was found in PHPGurukul Car Rental Portal 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /search.php. The manipulation of the argument s… | Update | CWE-79 Cross-site Scripting | CVE-2024-10701 | 2024-11-6 01:52 | 2024-11-3
303 | 6.5 | MEDIUM Network | cert | vince | VINCE versions before 3.0.9 are vulnerable to exposure of User information to authenticated users. | Update | CWE-276 Incorrect Default Permissions | CVE-2024-10469 | 2024-11-6 01:51 | 2024-10-29
304 | 4.8 | MEDIUM Adjacent | argo_workflows_project | argo_workflows | Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Due to a race condition in a global variable in 3.6.0-rc1, the argo workflows controll… | Update | CWE-362 Race Condition; CWE-1108 Excessive Reliance on Global Variables | CVE-2024-47827 | 2024-11-6 01:50 | 2024-10-29
305 | 7.5 | HIGH Network | squid-cache | squid | Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to Input Validation, Premature Release of Resource During Expected Lifetime, and Missing Release of Resour… | Update | NVD-CWE-noinfo | CVE-2024-45802 | 2024-11-6 01:45 | 2024-10-29
306 | 7.5 | HIGH Network | ruby-lang | rexml | REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between &# and x...; in a hex numeric character reference (&#x...;). … | Update | CWE-1333 Inefficient Regular Expression Complexity | CVE-2024-49761 | 2024-11-6 01:41 | 2024-10-29
307 | 7.5 | HIGH Network | ibm | cics_transaction_gateway | IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retr… | Update | CWE-522 Insufficiently Protected Credentials | CVE-2023-50310 | 2024-11-6 01:40 | 2024-10-23
308 | - | | - | - | The Pods WordPress plugin before 3.2.7.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even w… | New | - | CVE-2024-9883 | 2024-11-6 01:36 | 2024-11-5
309 | - | | - | - | The Post From Frontend WordPress plugin through 1.0.0 does not have a CSRF check when deleting posts, which could allow attackers to make a logged-in admin perform such an action via a CSRF attack. | New | - | CVE-2024-9689 | 2024-11-6 01:36 | 2024-11-5
310 | - | | - | - | Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pptp_user_netmask parameter at ru_wan_flow.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via… | New | - | CVE-2024-52030 | 2024-11-6 01:35 | 2024-11-6