|
313761
|
7.5 |
HIGH
Network
|
janobe
|
school_attendence_monitoring_system
school_event_management_system
paypal
credit_card
debit_card_payment
|
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and re…
|
CWE-89
SQL Injection
|
CVE-2024-33970
|
2024-08-9 00:26 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313762
|
7.5 |
HIGH
Network
|
janobe
|
school_attendence_monitoring_system
school_event_management_system
paypal
credit_card
debit_card_payment
|
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and re…
|
CWE-89
SQL Injection
|
CVE-2024-33972
|
2024-08-9 00:25 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313763
|
7.5 |
HIGH
Network
|
janobe
|
school_attendence_monitoring_system
school_event_management_system
paypal
credit_card
debit_card_payment
|
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and re…
|
CWE-89
SQL Injection
|
CVE-2024-33973
|
2024-08-9 00:24 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313764
|
6.1 |
MEDIUM
Network
|
lopalopa
|
responsive_school_management_system
|
A Reflected Cross Site Scripting (XSS) vulnerability was found in /smsa/student_login.php in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary c…
|
CWE-79
Cross-site Scripting
|
CVE-2024-41242
|
2024-08-9 00:21 |
2024-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313765
|
5.3 |
MEDIUM
Network
|
lopalopa
|
responsive_school_management_system
|
An Incorrect Access Control vulnerability was found in /smsa/view_teachers.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view TEACHER d…
|
NVD-CWE-Other
|
CVE-2024-41245
|
2024-08-9 00:20 |
2024-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313766
|
5.3 |
MEDIUM
Network
|
lopalopa
|
responsive_school_management_system
|
An Incorrect Access Control vulnerability was found in /smsa/view_class.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view CLASS detail…
|
NVD-CWE-Other
|
CVE-2024-41244
|
2024-08-9 00:20 |
2024-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313767
|
5.3 |
MEDIUM
Network
|
lopalopa
|
responsive_school_management_system
|
An Incorrect Access Control vulnerability was found in /smsa/view_marks.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view MARKS detail…
|
NVD-CWE-Other
|
CVE-2024-41243
|
2024-08-9 00:19 |
2024-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313768
|
- |
|
-
|
-
|
Shopware is an open commerce platform. Prior to versions 6.6.5.1 and 6.5.8.13, the Shopware application API contains a search functionality which enables users to search through information stored wi…
|
-
|
CVE-2024-42357
|
2024-08-9 00:15 |
2024-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313769
|
- |
|
-
|
-
|
Shopware is an open commerce platform. Prior to versions 6.6.5.1 and 6.5.8.13, the `context` variable is injected into almost any Twig Template and allows to access to current language, currency info…
|
-
|
CVE-2024-42356
|
2024-08-9 00:15 |
2024-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313770
|
- |
|
-
|
-
|
Shopware, an open ecommerce platform, has a new Twig Tag `sw_silent_feature_call` which silences deprecation messages while triggered in this tag. Prior to versions 6.6.5.1 and 6.5.8.13, it accepts a…
|
-
|
CVE-2024-42355
|
2024-08-9 00:15 |
2024-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
