|
315861
|
7.5 |
HIGH
Network
|
janobe
|
school_attendence_monitoring_system
school_event_management_system
paypal
credit_card
debit_card_payment
|
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and re…
|
CWE-89
SQL Injection
|
CVE-2024-33973
|
2024-08-9 00:24 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315862
|
6.1 |
MEDIUM
Network
|
lopalopa
|
responsive_school_management_system
|
A Reflected Cross Site Scripting (XSS) vulnerability was found in /smsa/student_login.php in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary c…
|
CWE-79
Cross-site Scripting
|
CVE-2024-41242
|
2024-08-9 00:21 |
2024-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315863
|
5.3 |
MEDIUM
Network
|
lopalopa
|
responsive_school_management_system
|
An Incorrect Access Control vulnerability was found in /smsa/view_teachers.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view TEACHER d…
|
NVD-CWE-Other
|
CVE-2024-41245
|
2024-08-9 00:20 |
2024-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315864
|
5.3 |
MEDIUM
Network
|
lopalopa
|
responsive_school_management_system
|
An Incorrect Access Control vulnerability was found in /smsa/view_class.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view CLASS detail…
|
NVD-CWE-Other
|
CVE-2024-41244
|
2024-08-9 00:20 |
2024-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315865
|
5.3 |
MEDIUM
Network
|
lopalopa
|
responsive_school_management_system
|
An Incorrect Access Control vulnerability was found in /smsa/view_marks.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view MARKS detail…
|
NVD-CWE-Other
|
CVE-2024-41243
|
2024-08-9 00:19 |
2024-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315866
|
- |
|
-
|
-
|
Shopware is an open commerce platform. Prior to versions 6.6.5.1 and 6.5.8.13, the Shopware application API contains a search functionality which enables users to search through information stored wi…
|
-
|
CVE-2024-42357
|
2024-08-9 00:15 |
2024-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315867
|
- |
|
-
|
-
|
Shopware is an open commerce platform. Prior to versions 6.6.5.1 and 6.5.8.13, the `context` variable is injected into almost any Twig Template and allows to access to current language, currency info…
|
-
|
CVE-2024-42356
|
2024-08-9 00:15 |
2024-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315868
|
- |
|
-
|
-
|
Shopware, an open ecommerce platform, has a new Twig Tag `sw_silent_feature_call` which silences deprecation messages while triggered in this tag. Prior to versions 6.6.5.1 and 6.5.8.13, it accepts a…
|
-
|
CVE-2024-42355
|
2024-08-9 00:15 |
2024-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315869
|
- |
|
-
|
-
|
Shopware is an open commerce platform. The store-API works with regular entities and not expose all fields for the public API; fields need to be marked as ApiAware in the EntityDefinition. So only Ap…
|
-
|
CVE-2024-42354
|
2024-08-9 00:15 |
2024-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315870
|
- |
|
-
|
-
|
JupyterHub is software that allows one to create a multi-user server for Jupyter notebooks. Prior to versions 4.1.6 and 5.1.0, if a user is granted the `admin:users` scope, they may escalate their ow…
|
-
|
CVE-2024-41942
|
2024-08-9 00:15 |
2024-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
