|
4371
|
6.5 |
MEDIUM
Network
|
-
|
-
|
IBM Maximo MXAPIASSET API 7.6.1.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to …
|
CWE-22
Path Traversal
|
CVE-2024-45652
|
2025-01-19 12:15 |
2025-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4372
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in code-projects Fantasy-Cricket 1.0. It has been classified as critical. Affected is an unknown function of the file /dash/update.php. The manipulation of the argument unam…
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2025-0563
|
2025-01-19 11:15 |
2025-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4373
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in Codezips Gym Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /dashboard/admin/health_status_entry.php. The manipu…
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2025-0562
|
2025-01-19 11:15 |
2025-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4374
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability has been found in itsourcecode Farm Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /add-pig.php. The manipulation of the argumen…
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2025-0561
|
2025-01-19 09:15 |
2025-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4375
|
7.5 |
HIGH
Network
-
|
-
|
IBM Safer Payments 6.4.0.00 through 6.4.2.07, 6.5.0.00 through 6.5.0.05, and 6.6.0.00 through 6.6.0.03 could allow a remote attacker to cause a denial of service due to improper allocation of resourc…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2024-45662
|
2025-01-19 02:15 |
2025-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
4376
|
6.5 |
MEDIUM
Network
|
-
|
-
|
IBM Robotic Process Automation 21.0.0 through 21.0.7.18 and 23.0.0 through 23.0.18 and
IBM Robotic Process Automation for Cloud Pak 21.0.0 through 21.0.7.18 and 23.0.0 through 23.0.18
could allow …
|
CWE-602
Client-Side Enforcement of Server-Side Security
|
CVE-2024-49824
|
2025-01-19 01:15 |
2025-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4377
|
5.3 |
MEDIUM
Network
-
|
-
|
IBM Concert 1.0.0, 1.0.1, and 1.0.2 is vulnerable to sensitive information disclosure through specially crafted API Calls.
|
CWE-213
Exposure of Sensitive Information Due to Incompatible Policies
|
CVE-2024-49354
|
2025-01-19 01:15 |
2025-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
4378
|
8.1 |
HIGH
Network
|
-
|
-
|
IBM ICP - Voice Gateway 1.0.2, 1.0.2.4, 1.0.3, 1.0.4, 1.0.5, 1.0.6. 1.0.7, 1.0.7.1, and 1.0.8 could allow remote attacker to send specially crafted XML statements, which would allow them to attacker …
|
CWE-91
Blind XPath Injection
|
CVE-2024-47113
|
2025-01-19 01:15 |
2025-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4379
|
5.3 |
MEDIUM
Network
-
|
-
|
IBM Jazz for Service Management 1.1.3 through 1.1.3.22 could allow a remote attacker to obtain sensitive information from improper access restrictions that could aid in further attacks against the sy…
|
CWE-552
Files or Directories Accessible to External Parties
|
CVE-2024-47106
|
2025-01-19 01:15 |
2025-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
4380
|
2.4 |
LOW
Network
|
-
|
-
|
A vulnerability, which was classified as problematic, was found in CampCodes School Management Software 1.0. Affected is an unknown function of the file /photo-gallery of the component Photo Gallery …
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2025-0560
|
2025-01-19 00:15 |
2025-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
