|
196121
|
9.8 |
CRITICAL
Network
|
theme_park_ticketing_system_project
|
theme_park_ticketing_system
|
SQL injection vulnerability in SourceCodester Theme Park Ticketing System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to view_user.php .
|
CWE-89
SQL Injection
|
CVE-2021-25209
|
2024-11-21 14:54 |
2021-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196122
|
9.8 |
CRITICAL
Network
|
e-commerce_website_project
|
e-commerce_website
|
SQL injection vulnerability in SourceCodester E-Commerce Website V 1.0 allows remote attackers to execute arbitrary SQL statements, via the update parameter to empViewUpdate.php .
|
CWE-89
SQL Injection
|
CVE-2021-25205
|
2024-11-21 14:54 |
2021-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196123
|
9.8 |
CRITICAL
Network
|
alumni_management_system_project
|
alumni_management_system
|
SQL injection vulnerability in SourceCodester Alumni Management System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to manage_event.php.
|
CWE-89
SQL Injection
|
CVE-2021-25212
|
2024-11-21 14:54 |
2021-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196124
|
9.8 |
CRITICAL
Network
|
alumni_management_system_project
|
alumni_management_system
|
Arbitrary file upload vulnerability in SourceCodester Alumni Management System v 1.0 allows attackers to execute arbitrary code, via the file upload to manage_event.php.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2021-25210
|
2024-11-21 14:54 |
2021-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196125
|
9.8 |
CRITICAL
Network
|
sales_and_inventory_system_project
|
sales_and_inventory_system
|
SQL injection vulnerability in SourceCodester Sales and Inventory System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to \ahira\admin\inventory.php.
|
CWE-89
SQL Injection
|
CVE-2021-25202
|
2024-11-21 14:54 |
2021-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196126
|
6.1 |
MEDIUM
Network
|
content_management_system_project
|
content_management_system
|
Cross-site scripting (XSS) vulnerability in SourceCodester Content Management System v 1.0 allows remote attackers to inject arbitrary web script or HTML via the search parameter to content_managemen…
|
CWE-79
Cross-site Scripting
|
CVE-2021-25197
|
2024-11-21 14:54 |
2021-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196127
|
9.9 |
CRITICAL
Network
|
rancher
|
rancher
|
A Improper Access Control vulnerability in Rancher, allows users in the cluster to make request to cloud providers by creating requests with the cloud-credential ID. Rancher in this case would attach…
|
NVD-CWE-Other
|
CVE-2021-25320
|
2024-11-21 14:54 |
2021-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196128
|
8.8 |
HIGH
Network
|
rancher
|
rancher
|
A Incorrect Permission Assignment for Critical Resource vulnerability in Rancher allows users in the cluster to modify resources they should not have access to. This issue affects: Rancher versions p…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2021-25318
|
2024-11-21 14:54 |
2021-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196129
|
7.5 |
HIGH
Network
|
samsung
|
knox_cloud_services
|
Improper MDM policy management vulnerability in KME module prior to KCS version 1.39 allows MDM users to bypass Knox Manage authentication.
|
CWE-287
Improper Authentication
|
CVE-2021-25442
|
2024-11-21 14:54 |
2021-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196130
|
7.8 |
HIGH
Local
|
samsung
|
ar_emoji_editor
|
Improper input validation vulnerability in AR Emoji Editor prior to version 4.4.03.5 in Android Q(10.0) and above allows untrusted applications to access arbitrary files with an escalated privilege.
|
CWE-20
Improper Input Validation
|
CVE-2021-25441
|
2024-11-21 14:54 |
2021-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
