|
312751
|
- |
|
-
|
-
|
Directory Traversal vulnerability in Centro de Tecnologia da Informaco Renato Archer InVesalius3 v3.1.99995 allows attackers to write arbitrary files unto the system via a crafted .inv3 file.
|
-
|
CVE-2024-44825
|
2024-09-27 01:35 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312752
|
9.8 |
CRITICAL
Network
|
code-projects
|
student_record_system
|
A vulnerability was found in code-projects Student Record System 1.0. It has been classified as critical. Affected is an unknown function of the file /pincode-verification.php. The manipulation of th…
|
CWE-89
SQL Injection
|
CVE-2024-9080
|
2024-09-27 01:32 |
2024-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312753
|
9.8 |
CRITICAL
Network
|
code-projects
|
student_record_system
|
A vulnerability was found in code-projects Student Record System 1.0 and classified as critical. This issue affects some unknown processing of the file /marks.php. The manipulation of the argument co…
|
CWE-89
SQL Injection
|
CVE-2024-9079
|
2024-09-27 01:32 |
2024-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312754
|
9.8 |
CRITICAL
Network
|
code-projects
|
student_record_system
|
A vulnerability has been found in code-projects Student Record System 1.0 and classified as critical. This vulnerability affects unknown code of the file /course.php. The manipulation of the argument…
|
CWE-89
SQL Injection
|
CVE-2024-9078
|
2024-09-27 01:31 |
2024-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312755
|
4.3 |
MEDIUM
Network
|
infiniteuploads
|
big_file_uploads
|
The Big File Uploads – Increase Maximum File Upload Size plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.1.2. This is due the plugin not sanitizing …
|
CWE-22
Path Traversal
|
CVE-2024-8538
|
2024-09-27 01:28 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312756
|
9.8 |
CRITICAL
Network
|
wpcharitable
|
charitable
|
The Donation Forms by Charitable – Donations Plugin & Fundraising Platform for WordPress plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.8.1.14. Thi…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2024-8791
|
2024-09-27 01:25 |
2024-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312757
|
5.3 |
MEDIUM
Network
|
ba-booking
|
ba_book_everything
|
The BA Book Everything plugin for WordPress is vulnerable to arbitrary password reset in all versions up to, and including, 1.6.20. This is due to the reset_user_password() function not verifying a u…
|
NVD-CWE-Other
|
CVE-2024-8794
|
2024-09-27 01:23 |
2024-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312758
|
6.1 |
MEDIUM
Network
|
ninjaforms
|
ninja_forms_file_uploads
|
The Ninja Forms - File Uploads plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an uploaded file (e.g. RTX file) in all versions up to, and including, 3.3.16 due to insufficient …
|
CWE-79
Cross-site Scripting
|
CVE-2024-1596
|
2024-09-27 01:23 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312759
|
5.4 |
MEDIUM
Network
|
master-addons
|
master_addons
|
The Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the data-jltma-wrapper-link element…
|
CWE-79
Cross-site Scripting
|
CVE-2024-6282
|
2024-09-27 01:19 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312760
|
- |
|
-
|
-
|
Mellium mellium.im/xmpp 0.0.1 through 0.21.4 allows response spoofing if the implementation uses predictable IDs because the stanza type is not checked. This is fixed in 0.22.0.
|
-
|
CVE-2024-46957
|
2024-09-27 01:15 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
