|
312761
|
4.3 |
MEDIUM
Adjacent
|
gotenna
|
gotenna
|
The goTenna Pro ATAK Plugin's default settings are to share Automatic
Position, Location, and Information (PLI) updates every 60 seconds once
the plugin is active and goTenna is connected. Users th…
|
NVD-CWE-Other
|
CVE-2024-43814
|
2024-10-18 03:15 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312762
|
5.4 |
MEDIUM
Network
|
cacti
|
cacti
|
Cacti is an open source performance and fault management framework. The `fileurl` parameter is not properly sanitized when saving external links in `links.php` . Morever, the said fileurl is placed i…
|
CWE-79
Cross-site Scripting
|
CVE-2024-43362
|
2024-10-18 03:14 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312763
|
9.8 |
CRITICAL
Network
|
oretnom23
|
online_veterinary_appointment_system
|
A vulnerability classified as critical has been found in SourceCodester Online Veterinary Appointment System 1.0. Affected is an unknown function of the file /admin/categories/manage_category.php. Th…
|
CWE-89
SQL Injection
|
CVE-2024-9818
|
2024-10-18 03:13 |
2024-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312764
|
8.8 |
HIGH
Network
|
blood_bank_system_project
|
blood_bank_system
|
A vulnerability was found in code-projects Blood Bank System 1.0. It has been classified as critical. This affects an unknown part of the file /update.php. The manipulation of the argument name leads…
|
CWE-89
SQL Injection
|
CVE-2024-9817
|
2024-10-18 03:12 |
2024-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312765
|
9.8 |
CRITICAL
Network
|
taismartfactory
|
qplant_sf
|
SQL injection vulnerability in TAI Smart Factory's QPLANT SF version 1.0. Exploitation of this vulnerability could allow a remote attacker to retrieve all database information by sending a specially …
|
CWE-89
SQL Injection
|
CVE-2024-9925
|
2024-10-18 03:09 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312766
|
8.2 |
HIGH
Network
|
cacti
|
cacti
|
Cacti is an open source performance and fault management framework. The `title` parameter is not properly sanitized when saving external links in links.php . Morever, the said title parameter is stor…
|
CWE-79
Cross-site Scripting
|
CVE-2024-43364
|
2024-10-18 03:09 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312767
|
8.8 |
HIGH
Network
|
formosasoft
|
ee-class
|
The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing remote attackers with regular privileges to upload a malicious PHP file first and then exploit this vulner…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-9981
|
2024-10-18 03:05 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312768
|
8.8 |
HIGH
Network
|
formosasoft
|
ee-class
|
The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing remote attackers with regular privileges to inject arbitrary SQL commands to read, modify and delete datab…
|
CWE-89
SQL Injection
|
CVE-2024-9980
|
2024-10-18 03:03 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312769
|
7.2 |
HIGH
Network
|
cacti
|
cacti
|
Cacti is an open source performance and fault management framework. An admin user can create a device with a malicious hostname containing php code and repeat the installation process (completing onl…
|
CWE-94
Code Injection
|
CVE-2024-43363
|
2024-10-18 02:58 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312770
|
2.4 |
LOW
Network
|
authzed
|
spicedb
|
SpiceDB is an open source database for scalably storing and querying fine-grained authorization data. Starting in version 1.35.0 and prior to version 1.37.1, clients that have enabled `LookupResource…
|
NVD-CWE-Other
|
CVE-2024-48909
|
2024-10-18 02:56 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
