|
2531
|
- |
|
-
|
-
|
A Cross Site Scripting (XSS) vulnerability was found in /ums-sp/admin/registered-users.php in PHPGurukul User Management System v1.0, which allows remote attackers to execute arbitrary code via the "…
|
-
|
CVE-2024-50991
|
2024-11-12 22:55 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2532
|
- |
|
-
|
-
|
A Reflected Cross Site Scriptng (XSS) vulnerability was found in /omrs/user/search.php in PHPGurukul Online Marriage Registration System v1.0, which allows remote attackers to execute arbitrary code …
|
-
|
CVE-2024-50990
|
2024-11-12 22:55 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2533
|
- |
|
-
|
-
|
Kanboard is project management software that focuses on the Kanban methodology. An authenticated Kanboard admin can read and delete arbitrary files from the server. File attachments, that are viewabl…
|
CWE-22
CWE-27
Path Traversal
Path Traversal: 'dir/../../filename'
|
CVE-2024-51747
|
2024-11-12 22:55 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2534
|
- |
|
-
|
-
|
If an attacker tricks a valid user into running Delta Electronics DIAScreen with a file containing malicious code, a stack-based buffer overflow in BACnetObjectInfo can be exploited, allowing the att…
|
-
|
CVE-2024-47131
|
2024-11-12 22:55 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2535
|
- |
|
-
|
-
|
If an attacker tricks a valid user into running Delta Electronics DIAScreen with a file containing malicious code, a stack-based buffer overflow in BACnetParameter can be exploited, allowing the atta…
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2024-39605
|
2024-11-12 22:55 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2536
|
- |
|
-
|
-
|
If an attacker tricks a valid user into running Delta Electronics DIAScreen with a file containing malicious code, a stack-based buffer overflow in CEtherIPTagItem can be exploited, allowing the atta…
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2024-39354
|
2024-11-12 22:55 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2537
|
- |
|
-
|
-
|
A vulnerability, which was classified as problematic, has been found in Sanluan PublicCMS 5.202406.d. This issue affects some unknown processing of the file /admin/cmsTagType/save of the component Ta…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2024-11070
|
2024-11-12 22:55 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2538
|
- |
|
-
|
-
|
Sensitive information disclosure during file browsing due to improper symbolic link handling. The following products are affected: Acronis Backup plugin for cPanel & WHM (Linux) before build 818.
|
CWE-61
UNIX Symbolic Link (Symlink) Following
|
CVE-2024-34015
|
2024-11-12 22:55 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2539
|
- |
|
-
|
-
|
Arbitrary file overwrite during recovery due to improper symbolic link handling. The following products are affected: Acronis Backup plugin for cPanel & WHM (Linux) before build 818, Acronis Backup e…
|
CWE-61
UNIX Symbolic Link (Symlink) Following
|
CVE-2024-34014
|
2024-11-12 22:55 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2540
|
- |
|
-
|
-
|
In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the shutdown function was identified. Reported by Karol Wi?sek.
|
-
|
CVE-2024-10345
|
2024-11-12 22:55 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
