|
314711
|
7.2 |
HIGH
Network
|
fiware
|
keyrock
|
The function "generate_app_certificates" in controllers/saml2/saml2.js of FIWARE Keyrock <= 8.4 does not neutralize special elements used in an OS Command properly. This allows an authenticated user …
|
CWE-78
OS Command
|
CVE-2024-42167
|
2024-08-30 00:24 |
2024-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314712
|
5.4 |
MEDIUM
Network
|
oretnom23
|
yoga_class_registration_system
|
A vulnerability was found in SourceCodester Yoga Class Registration System 1.0 and classified as problematic. This issue affects some unknown processing of the file /admin/inquiries/view_inquiry.php.…
|
CWE-79
Cross-site Scripting
|
CVE-2024-7852
|
2024-08-30 00:23 |
2024-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314713
|
7.2 |
HIGH
Network
|
fiware
|
keyrock
|
The function "generate_app_certificates" in lib/app_certificates.js of FIWARE Keyrock <= 8.4 does not neutralize special elements used in an OS Command properly. This allows an authenticated user wit…
|
CWE-78
OS Command
|
CVE-2024-42166
|
2024-08-30 00:23 |
2024-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314714
|
8.8 |
HIGH
Network
|
oretnom23
|
yoga_class_registration_system
|
A vulnerability was found in SourceCodester Yoga Class Registration System up to 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/?page=categories/view_cate…
|
CWE-89
SQL Injection
|
CVE-2024-7853
|
2024-08-30 00:22 |
2024-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314715
|
9.8 |
CRITICAL
Network
|
oretnom23
|
yoga_class_registration_system
|
A vulnerability has been found in SourceCodester Yoga Class Registration System 1.0 and classified as critical. This vulnerability affects unknown code of the file /classes/Users.php?f=save of the co…
|
NVD-CWE-noinfo
|
CVE-2024-7851
|
2024-08-30 00:22 |
2024-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314716
|
5.4 |
MEDIUM
Network
|
fiware
|
keyrock
|
Insufficiently random values for generating activation token in FIWARE Keyrock <= 8.4 allow attackers to activate accounts of any user by predicting the token for the activation link.
|
CWE-330
Use of Insufficiently Random Values
|
CVE-2024-42165
|
2024-08-30 00:21 |
2024-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314717
|
4.3 |
MEDIUM
Network
|
fiware
|
keyrock
|
Insufficiently random values for generating password reset token in FIWARE Keyrock <= 8.4 allow attackers to disable two factor authorization of any user by predicting the token for the disable_2fa l…
|
CWE-330
Use of Insufficiently Random Values
|
CVE-2024-42164
|
2024-08-30 00:19 |
2024-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314718
|
8.1 |
HIGH
Network
|
fiware
|
keyrock
|
Insufficiently random values for generating password reset token in FIWARE Keyrock <= 8.4 allow attackers to take over the account of any user by predicting the token for the password reset link.
|
CWE-326
Inadequate Encryption Strength
|
CVE-2024-42163
|
2024-08-30 00:17 |
2024-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314719
|
9.8 |
CRITICAL
Network
|
oretnom23
|
music_gallery_site
|
A vulnerability classified as critical has been found in SourceCodester Music Gallery Site 1.0. This affects an unknown part of the file /admin/?page=musics/manage_music. The manipulation of the argu…
|
CWE-89
SQL Injection
|
CVE-2024-8222
|
2024-08-30 00:13 |
2024-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314720
|
9.8 |
CRITICAL
Network
|
oretnom23
|
music_gallery_site
|
A vulnerability classified as critical was found in SourceCodester Music Gallery Site 1.0. This vulnerability affects unknown code of the file /classes/Master.php?f=delete_category. The manipulation …
|
CWE-89
SQL Injection
|
CVE-2024-8223
|
2024-08-30 00:11 |
2024-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
