|
1081
|
- |
|
-
|
-
|
A vulnerability was found in SourceCodester Task Reminder System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Maintenance Sect…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2025-0464
|
2025-01-15 02:15 |
2025-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1082
|
- |
|
-
|
-
|
A vulnerability was found in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.0.0. It has been classified as critical. Affected is an unknown function of the file /crm/weixinmp/index.p…
|
CWE-284
CWE-434
Improper Access Control
Unrestricted Upload of File with Dangerous Type
|
CVE-2025-0463
|
2025-01-15 02:15 |
2025-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1083
|
- |
|
-
|
-
|
A vulnerability was found in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.0.0 and classified as critical. This issue affects some unknown processing of the file /crm/weixinmp/index…
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2025-0462
|
2025-01-15 02:15 |
2025-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1084
|
- |
|
-
|
-
|
A remote code execution (RCE) vulnerability in Arcadyan Meteor 2 CPE FG360 Firmware ETV2.10 allows attackers to execute arbitrary code via a crafted request.
|
-
|
CVE-2024-53561
|
2025-01-15 02:15 |
2025-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1085
|
6.2 |
MEDIUM
Local
|
-
|
-
|
IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD web console could allow a local user to obtain sensitive information when a detailed technical error message is returned.
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2024-52898
|
2025-01-15 02:15 |
2025-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1086
|
- |
|
-
|
-
|
Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information.
|
CWE-36
Absolute Path Traversal
|
CVE-2024-10811
|
2025-01-15 02:15 |
2025-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1087
|
- |
|
-
|
-
|
A race condition in Ivanti Application Control Engine before version 10.14.4.0 allows a local authenticated attacker to bypass the application blocking functionality.
|
CWE-366
Race Condition within a Thread
|
CVE-2024-10630
|
2025-01-15 02:15 |
2025-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1088
|
- |
|
-
|
-
|
An issue was discovered in Selesta Visual Access Manager (VAM) prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple POST parameters of /vam/vam_visits.php.
|
-
|
CVE-2023-42244
|
2025-01-15 02:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1089
|
- |
|
-
|
-
|
MonicaHQ v4.1.2 was discovered to contain an authenticated Client-Side Injection vulnerability via the Reason parameter at /people/h:[id]/debts/create.
|
-
|
CVE-2024-54998
|
2025-01-15 02:15 |
2025-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1090
|
- |
|
-
|
-
|
MonicaHQ v4.1.2 was discovered to contain multiple Client-Side Injection vulnerabilities via the first_name and last_name parameters in the Add a new relationship feature.
|
-
|
CVE-2024-54994
|
2025-01-15 02:15 |
2025-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
