Export limit exceeded: 334497 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 334497 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (334497 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-7561 | 1 Shahriar0822 | 1 The Next | 2024-08-08 | 8.8 High |
| The The Next theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.1.0 via deserialization of untrusted input from the wpeden_post_meta post meta value. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code. | ||||
| CVE-2024-5963 | 1 Hitachi | 1 Device Manager | 2024-08-08 | 6.7 Medium |
| Unquoted Executable Path vulnerability in Hitachi Device Manager on Windows (Device Manager Server component).This issue affects Hitachi Device Manager: before 8.8.7-00. | ||||
| CVE-2024-33962 | 1 Janobe | 8 Credit Card, Debit Card Payment, Janobe Credit Card and 5 more | 2024-08-08 | 9.8 Critical |
| SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'code' in '/admin/mod_reservation/index.php' parameter. | ||||
| CVE-2024-33964 | 1 Janobe | 8 Credit Card, Debit Card Payment, Janobe Credit Card and 5 more | 2024-08-08 | 9.8 Critical |
| SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'id' in '/admin/mod_users/index.php' parameter. | ||||
| CVE-2024-33963 | 1 Janobe | 8 Credit Card, Debit Card Payment, Janobe Credit Card and 5 more | 2024-08-08 | 9.8 Critical |
| SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'id' in '/admin/mod_room/index.php' parameter. | ||||
| CVE-2024-33961 | 1 Janobe | 6 Credit Card, Debit Card Payment, Janobe Credit Card and 3 more | 2024-08-08 | 9.8 Critical |
| SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'code' in '/admin/mod_reservation/controller.php' parameter. | ||||
| CVE-2024-33965 | 1 Janobe | 8 Credit Card, Debit Card Payment, Janobe Credit Card and 5 more | 2024-08-08 | 9.8 Critical |
| SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'view' in '/tubigangarden/admin/mod_accomodation/index.php' parameter. | ||||
| CVE-2024-33967 | 1 Janobe | 6 Credit Card, Debit Card Payment, Paypal and 3 more | 2024-08-08 | 9.8 Critical |
| SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'view' in 'Attendance' and 'YearLevel' in '/AttendanceMonitoring/report/attendance_print.php' parameter. | ||||
| CVE-2024-33968 | 1 Janobe | 6 Credit Card, Debit Card Payment, Paypal and 3 more | 2024-08-08 | 9.8 Critical |
| SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'Attendance' and 'YearLevel' in '/AttendanceMonitoring/report/index.php' parameter. | ||||
| CVE-2024-33969 | 1 Janobe | 6 Credit Card, Debit Card Payment, Paypal and 3 more | 2024-08-08 | 9.8 Critical |
| SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'id' in '/AttendanceMonitoring/department/index.php' parameter. | ||||
| CVE-2024-33971 | 1 Janobe | 5 Credit Card, Debit Card Payment, Paypal and 2 more | 2024-08-08 | 9.8 Critical |
| SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'username' in '/login.php' parameter. | ||||
| CVE-2024-33972 | 1 Janobe | 6 Credit Card, Debit Card Payment, Paypal and 3 more | 2024-08-08 | 9.8 Critical |
| SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'events' in '/report/event_print.php' parameter. | ||||
| CVE-2024-33973 | 1 Janobe | 6 Credit Card, Debit Card Payment, Paypal and 3 more | 2024-08-08 | 9.8 Critical |
| SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'Attendance' and 'YearLevel' in '/report/attendance_print.php' parameter. | ||||
| CVE-2024-41242 | 2 Kashipara, Lopalopa | 2 Responsive School Management System, Responsive School Management System | 2024-08-08 | 5.5 Medium |
| A Reflected Cross Site Scripting (XSS) vulnerability was found in /smsa/student_login.php in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via "error" parameter. | ||||
| CVE-2024-41245 | 2 Kashipara, Lopalopa | 2 Responsive School Management System, Responsive School Management System | 2024-08-08 | 7.5 High |
| An Incorrect Access Control vulnerability was found in /smsa/view_teachers.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view TEACHER details. | ||||
| CVE-2024-41244 | 2 Kashipara, Lopalopa | 2 Responsive School Management System, Responsive School Management System | 2024-08-08 | 7.5 High |
| An Incorrect Access Control vulnerability was found in /smsa/view_class.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view CLASS details. | ||||
| CVE-2024-34479 | 2 Oretnom23, Sourcecodester | 2 Computer Laboratory Management System, Computer Laboratory Management System | 2024-08-08 | 9.8 Critical |
| SourceCodester Computer Laboratory Management System 1.0 allows classes/Master.php id SQL Injection. | ||||
| CVE-2024-41247 | 2 Kashipara, Lopalopa | 2 Responsive School Management System, Responsive School Management System | 2024-08-08 | 9.1 Critical |
| An Incorrect Access Control vulnerability was found in /smsa/add_class.php and /smsa/add_class_submit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to add a new class entry. | ||||
| CVE-2024-41248 | 2 Kashipara, Lopalopa | 2 Responsive School Management System, Responsive School Management System | 2024-08-08 | 7.5 High |
| An Incorrect Access Control vulnerability was found in /smsa/add_subject.php and /smsa/add_subject_submit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to add a new subject entry. | ||||
| CVE-2024-41249 | 2 Kashipara, Lopalopa | 2 Responsive School Management System, Responsive School Management System | 2024-08-08 | 7.5 High |
| An Incorrect Access Control vulnerability was found in /smsa/view_subject.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view SUBJECT details. | ||||