Total
271657 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-8345 | 1 Oretnom23 | 1 Music Gallery Site | 2024-09-04 | 6.5 MEDIUM | 9.8 CRITICAL |
| A vulnerability was found in SourceCodester Music Gallery Site 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /classes/Users.php?f=delete. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-8343 | 1 Oretnom23 | 1 Sentiment Based Movie Rating System | 2024-09-04 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, was found in SourceCodester Sentiment Based Movie Rating System 1.0. Affected is an unknown function of the file /classes/Users.php?f=save_client of the component User Registration Handler. The manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-39775 | 1 Openatom | 1 Openharmony | 2024-09-04 | N/A | 7.5 HIGH |
| in OpenHarmony v4.1.0 and prior versions allow a remote attacker cause information leak through out-of-bounds Read. | |||||
| CVE-2024-8342 | 1 Nelzkie15 | 1 Petshop Management System | 2024-09-04 | 6.5 MEDIUM | 8.8 HIGH |
| A vulnerability, which was classified as critical, has been found in SourceCodester Petshop Management System 1.0. This issue affects some unknown processing of the file /controllers/add_client.php. The manipulation of the argument image_profile leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-39816 | 1 Openatom | 1 Openharmony | 2024-09-04 | N/A | 7.8 HIGH |
| in OpenHarmony v4.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. | |||||
| CVE-2024-41157 | 1 Openatom | 1 Openharmony | 2024-09-04 | N/A | 7.8 HIGH |
| in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through use after free. | |||||
| CVE-2024-41364 | 1 Sourcefabric | 1 Phoniebox | 2024-09-04 | N/A | 9.8 CRITICAL |
| RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via htdocs\trackEdit.php | |||||
| CVE-2024-41366 | 1 Sourcefabric | 1 Phoniebox | 2024-09-04 | N/A | 9.8 CRITICAL |
| RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via htdocs\userScripts.php | |||||
| CVE-2024-41367 | 1 Sourcefabric | 1 Phoniebox | 2024-09-04 | N/A | 9.8 CRITICAL |
| RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via htdocs\api\playlist\appendFileToPlaylist.php | |||||
| CVE-2024-41368 | 1 Sourcefabric | 1 Phoniebox | 2024-09-04 | N/A | 9.8 CRITICAL |
| RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via htdocs\inc.setWlanIpMail.php | |||||
| CVE-2024-41361 | 1 Sourcefabric | 1 Phoniebox | 2024-09-04 | N/A | 9.8 CRITICAL |
| RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via htdocs\manageFilesFolders.php | |||||
| CVE-2024-41369 | 1 Sourcefabric | 1 Phoniebox | 2024-09-04 | N/A | 9.8 CRITICAL |
| RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via htdocs\inc.setWifi.php | |||||
| CVE-2024-8341 | 1 Nelzkie15 | 1 Pet Shop Management System | 2024-09-04 | 6.5 MEDIUM | 9.8 CRITICAL |
| A vulnerability classified as critical was found in SourceCodester Petshop Management System 1.0. This vulnerability affects unknown code of the file /controllers/add_user.php. The manipulation of the argument avatar leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-8340 | 1 Oretnom23 | 1 Electric Billing Management System | 2024-09-04 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability classified as critical has been found in SourceCodester Electric Billing Management System 1.0. This affects an unknown part of the file /Actions.php?a=login. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-8339 | 1 Oretnom23 | 1 Electric Billing Management System | 2024-09-04 | 6.5 MEDIUM | 9.8 CRITICAL |
| A vulnerability was found in SourceCodester Electric Billing Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /?page=tracks of the component Connection Code Handler. The manipulation of the argument code leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-8336 | 1 Oretnom23 | 1 Music Gallery Site | 2024-09-04 | 6.5 MEDIUM | 9.8 CRITICAL |
| A vulnerability classified as critical was found in SourceCodester Music Gallery Site 1.0. Affected by this vulnerability is an unknown functionality of the file /php-music/classes/Master.php?f=delete_music. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-41349 | 1 Cdevroe | 1 Unmark | 2024-09-04 | N/A | 6.1 MEDIUM |
| unmark 1.9.2 is vulnerable to Cross Site Scripting (XSS) via application/views/marks/add_by_url.php. | |||||
| CVE-2024-41372 | 1 Organizr | 1 Organizr | 2024-09-04 | N/A | 9.8 CRITICAL |
| Organizr v1.90 was discovered to contain a SQL injection vulnerability via chat/settyping.php. | |||||
| CVE-2024-41371 | 1 Organizr | 1 Organizr | 2024-09-04 | N/A | 6.1 MEDIUM |
| Organizr v1.90 is vulnerable to Cross Site Scripting (XSS) via api.php. | |||||
| CVE-2024-41370 | 1 Organizr | 1 Organizr | 2024-09-04 | N/A | 9.8 CRITICAL |
| Organizr v1.90 was discovered to contain a SQL injection vulnerability via chat/setlike.php. | |||||