|
316701
|
- |
|
-
|
-
|
An issue was discovered in Mbed TLS 3.6 before 3.6.1. A stack buffer overflow in mbedtls_ecdsa_der_to_raw() and mbedtls_ecdsa_raw_to_der() can occur when the bits parameter is larger than the largest…
|
-
|
CVE-2024-45158
|
2024-09-6 21:08 |
2024-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
316702
|
- |
|
-
|
-
|
Asterisk is an open-source private branch exchange (PBX). Prior to versions 18.24.3, 20.9.3, and 21.4.3 of Asterisk and versions 18.9-cert12 and 20.7-cert2 of certified-asterisk, if Asterisk attempts…
|
-
|
CVE-2024-42491
|
2024-09-6 21:08 |
2024-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
316703
|
6.1 |
MEDIUM
Network
|
phpgurukul
|
job_portal
|
Cross-Site Scripting (XSS) vulnerability, whereby user-controlled input is not sufficiently encrypted. Exploitation of this vulnerability could allow an attacker to retrieve the session details of an…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8473
|
2024-09-6 20:44 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
316704
|
6.1 |
MEDIUM
Network
|
phpgurukul
|
job_portal
|
Cross-Site Scripting (XSS) vulnerability, whereby user-controlled input is not sufficiently encrypted. Exploitation of this vulnerability could allow an attacker to retrieve the session details of an…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8472
|
2024-09-6 20:44 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
316705
|
6.1 |
MEDIUM
Network
|
phpgurukul
|
job_portal
|
Cross-Site Scripting (XSS) vulnerability, whereby user-controlled input is not sufficiently encrypted. Exploitation of this vulnerability could allow an attacker to retrieve the session details of an…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8471
|
2024-09-6 20:44 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
316706
|
7.5 |
HIGH
Network
|
phpgurukul
|
job_portal
|
SQL injection vulnerability, by which an attacker could send a specially designed query through CATEGORY parameter in /jobportal/admin/vacancy/controller.php, and retrieve all the information stored …
|
CWE-89
SQL Injection
|
CVE-2024-8470
|
2024-09-6 20:44 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
316707
|
7.5 |
HIGH
Network
|
phpgurukul
|
job_portal
|
SQL injection vulnerability, by which an attacker could send a specially designed query through id parameter in /jobportal/admin/employee/index.php, and retrieve all the information stored in it.
|
CWE-89
SQL Injection
|
CVE-2024-8469
|
2024-09-6 20:43 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
316708
|
7.5 |
HIGH
Network
|
phpgurukul
|
job_portal
|
SQL injection vulnerability, by which an attacker could send a specially designed query through search parameter in /jobportal/index.php, and retrieve all the information stored in it.
|
CWE-89
SQL Injection
|
CVE-2024-8468
|
2024-09-6 20:43 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
316709
|
7.5 |
HIGH
Network
|
phpgurukul
|
job_portal
|
SQL injection vulnerability, by which an attacker could send a specially designed query through id parameter in /jobportal/admin/category/index.php, and retrieve all the information stored in it.
|
CWE-89
SQL Injection
|
CVE-2024-8467
|
2024-09-6 20:42 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
316710
|
7.5 |
HIGH
Network
|
phpgurukul
|
job_portal
|
SQL injection vulnerability, by which an attacker could send a specially designed query through CATEGORY parameter in /jobportal/admin/category/controller.php, and retrieve all the information stored…
|
CWE-89
SQL Injection
|
CVE-2024-8466
|
2024-09-6 20:24 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
