|
3561
|
- |
|
-
|
-
|
Incorrect Privilege Assignment vulnerability in Drupal Private content allows Target Influence via Framing.This issue affects Private content: from 0.0.0 before 2.1.0.
|
-
|
CVE-2024-13248
|
2025-01-11 07:15 |
2025-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3562
|
- |
|
-
|
-
|
In Net::OAuth::Client in the Net::OAuth package before 0.29 for Perl, the default nonce is a 32-bit integer generated from the built-in rand() function, which is not cryptographically strong.
|
-
|
CVE-2025-22376
|
2025-01-11 07:15 |
2025-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3563
|
5.4 |
MEDIUM
Network
|
osuuu
|
lightpicture
|
A vulnerability classified as problematic was found in osuuu LightPicture up to 1.2.2. This vulnerability affects unknown code of the file /api/upload of the component SVG File Upload Handler. The ma…
|
CWE-79
Cross-site Scripting
|
CVE-2024-13141
|
2025-01-11 06:39 |
2025-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3564
|
5.4 |
MEDIUM
Network
|
emlog
|
emlog
|
A vulnerability classified as problematic has been found in Emlog Pro up to 2.4.3. Affected is an unknown function of the file /admin/article.php?action=upload_cover of the component Cover Upload Han…
|
CWE-79
Cross-site Scripting
|
CVE-2024-13140
|
2025-01-11 06:34 |
2025-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3565
|
9.8 |
CRITICAL
Network
code-projects
|
online_shoe_store
|
A vulnerability, which was classified as critical, was found in code-projects Online Shoe Store 1.0. This affects an unknown part of the file /summary.php. The manipulation of the argument tid leads …
|
CWE-89
SQL Injection
|
CVE-2025-0208
|
2025-01-11 06:28 |
2025-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
3566
|
9.8 |
CRITICAL
Network
code-projects
|
online_shoe_store
|
A vulnerability, which was classified as critical, has been found in code-projects Online Shoe Store 1.0. Affected by this issue is some unknown functionality of the file /function/login.php. The man…
|
CWE-89
SQL Injection
|
CVE-2025-0207
|
2025-01-11 06:27 |
2025-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
3567
|
9.8 |
CRITICAL
Network
campcodes
|
school_faculty_scheduling_system
|
A vulnerability has been found in Campcodes School Faculty Scheduling System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/ajax.php?act…
|
CWE-89
SQL Injection
|
CVE-2025-0210
|
2025-01-11 06:20 |
2025-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
3568
|
- |
|
-
|
-
|
On affected platforms running Arista EOS, a specially crafted packet with incorrect VLAN tag might be copied to CPU, which may cause incorrect control plane behavior related to the packet, such as ro…
|
-
|
CVE-2024-5872
|
2025-01-11 06:15 |
2025-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3569
|
8.8 |
HIGH
Network
|
wangl1989
|
mysiteforme
|
A vulnerability was found in wangl1989 mysiteforme 1.0. It has been rated as critical. This issue affects the function doContent of the file src/main/java/com/mysiteform/admin/controller/system/FileC…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2024-13139
|
2025-01-11 06:02 |
2025-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3570
|
8.8 |
HIGH
Network
|
wangl1989
|
mysiteforme
|
A vulnerability was found in wangl1989 mysiteforme 1.0. It has been declared as critical. This vulnerability affects the function upload of the file src/main/java/com/mysiteform/admin/service/ipl/Loc…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-13138
|
2025-01-11 06:01 |
2025-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
