A vulnerability classified as critical has been found in PHPGurukul Online Course Registration System 3.1. Affected is an unknown function of the file /onlinecourse/. The manipulation of the argument regno leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
7.3CVSS
7.6AI Score
0.0004EPSS
A vulnerability classified as critical was found in PHPGurukul Online Course Registration System 3.1. Affected by this vulnerability is an unknown functionality of the file /pincode-verification.php. The manipulation of the argument pincode leads to sql injection. The attack can be launched...
6.3CVSS
6.8AI Score
0.0004EPSS
A vulnerability classified as critical was found in PHPGurukul Online Course Registration System 3.1. Affected by this vulnerability is an unknown functionality of the file /pincode-verification.php. The manipulation of the argument pincode leads to sql injection. The attack can be launched...
6.3CVSS
7.4AI Score
0.0004EPSS
A vulnerability classified as critical has been found in PHPGurukul Online Course Registration System 3.1. Affected is an unknown function of the file /onlinecourse/. The manipulation of the argument regno leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
7.3CVSS
7.4AI Score
0.0004EPSS
CVE-2024-5066 PHPGurukul Online Course Registration System pincode-verification.php sql injection
A vulnerability classified as critical was found in PHPGurukul Online Course Registration System 3.1. Affected by this vulnerability is an unknown functionality of the file /pincode-verification.php. The manipulation of the argument pincode leads to sql injection. The attack can be launched...
6.3CVSS
6.8AI Score
0.0004EPSS
CVE-2024-5065 PHPGurukul Online Course Registration System sql injection
A vulnerability classified as critical has been found in PHPGurukul Online Course Registration System 3.1. Affected is an unknown function of the file /onlinecourse/. The manipulation of the argument regno leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
7.3CVSS
7.6AI Score
0.0004EPSS
CVE-2024-5065 PHPGurukul Online Course Registration System sql injection
A vulnerability classified as critical has been found in PHPGurukul Online Course Registration System 3.1. Affected is an unknown function of the file /onlinecourse/. The manipulation of the argument regno leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
7.3CVSS
7.4AI Score
0.0004EPSS
A vulnerability was found in PHPGurukul Online Course Registration System 3.1. It has been rated as critical. This issue affects some unknown processing of the file news-details.php. The manipulation of the argument nid leads to sql injection. The attack may be initiated remotely. The exploit has.....
7.3CVSS
7.3AI Score
0.0004EPSS
A vulnerability was found in PHPGurukul Online Course Registration System 3.1. It has been rated as critical. This issue affects some unknown processing of the file news-details.php. The manipulation of the argument nid leads to sql injection. The attack may be initiated remotely. The exploit has.....
7.3CVSS
7.5AI Score
0.0004EPSS
CVE-2024-5064 PHPGurukul Online Course Registration System news-details.php sql injection
A vulnerability was found in PHPGurukul Online Course Registration System 3.1. It has been rated as critical. This issue affects some unknown processing of the file news-details.php. The manipulation of the argument nid leads to sql injection. The attack may be initiated remotely. The exploit has.....
7.3CVSS
7.3AI Score
0.0004EPSS
CVE-2024-5064 PHPGurukul Online Course Registration System news-details.php sql injection
A vulnerability was found in PHPGurukul Online Course Registration System 3.1. It has been rated as critical. This issue affects some unknown processing of the file news-details.php. The manipulation of the argument nid leads to sql injection. The attack may be initiated remotely. The exploit has.....
7.3CVSS
7.5AI Score
0.0004EPSS
A vulnerability classified as critical was found in code-projects Budget Management 1.0. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument edit leads to sql injection. The attack can be launched remotely. The exploit has been...
6.3CVSS
6.8AI Score
0.0004EPSS
A vulnerability classified as critical was found in code-projects Budget Management 1.0. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument edit leads to sql injection. The attack can be launched remotely. The exploit has been...
6.3CVSS
7.4AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: md/dm-raid: don't call md_reap_sync_thread() directly Currently md_reap_sync_thread() is called from raid_message() directly without holding 'reconfig_mutex', this is definitely unsafe because md_reap_sync_thread() can change many....
6.7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: md/dm-raid: don't call md_reap_sync_thread() directly Currently md_reap_sync_thread() is called from raid_message() directly without holding 'reconfig_mutex', this is definitely unsafe because md_reap_sync_thread() can change many....
7.4AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: md/dm-raid: don't call md_reap_sync_thread() directly Currently md_reap_sync_thread() is called from raid_message() directly without holding 'reconfig_mutex', this is definitely unsafe because md_reap_sync_thread() can change...
6.7AI Score
0.0004EPSS
An arbitrary file upload vulnerability in the component /include/file.php of lylme_spage v1.9.5 allows attackers to execute arbitrary code via uploading a crafted...
7.4AI Score
EPSS
An arbitrary file upload vulnerability in the component /include/file.php of lylme_spage v1.9.5 allows attackers to execute arbitrary code via uploading a crafted...
8.1AI Score
EPSS
CVE-2024-5048 code-projects Budget Management index.php sql injection
A vulnerability classified as critical was found in code-projects Budget Management 1.0. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument edit leads to sql injection. The attack can be launched remotely. The exploit has been...
6.3CVSS
6.8AI Score
0.0004EPSS
CVE-2024-35808 md/dm-raid: don't call md_reap_sync_thread() directly
In the Linux kernel, the following vulnerability has been resolved: md/dm-raid: don't call md_reap_sync_thread() directly Currently md_reap_sync_thread() is called from raid_message() directly without holding 'reconfig_mutex', this is definitely unsafe because md_reap_sync_thread() can change many....
7.4AI Score
0.0004EPSS
CVE-2024-35808 md/dm-raid: don't call md_reap_sync_thread() directly
In the Linux kernel, the following vulnerability has been resolved: md/dm-raid: don't call md_reap_sync_thread() directly Currently md_reap_sync_thread() is called from raid_message() directly without holding 'reconfig_mutex', this is definitely unsafe because md_reap_sync_thread() can change many....
6.8AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: dm-raid: really frozen sync_thread during suspend 1) commit f52f5c71f3d4 ("md: fix stopping sync thread") remove MD_RECOVERY_FROZEN from __md_stop_writes() and doesn't realize that dm-raid relies on __md_stop_writes() to...
6.6AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: dm-raid: really frozen sync_thread during suspend 1) commit f52f5c71f3d4 ("md: fix stopping sync thread") remove MD_RECOVERY_FROZEN from __md_stop_writes() and doesn't realize that dm-raid relies on __md_stop_writes() to...
6.9AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: dm-raid: really frozen sync_thread during suspend 1) commit f52f5c71f3d4 ("md: fix stopping sync thread") remove MD_RECOVERY_FROZEN from __md_stop_writes() and doesn't realize that dm-raid relies on __md_stop_writes() to...
7.4AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: md/md-bitmap: fix incorrect usage for sb_index Commit d7038f951828 ("md-bitmap: don't use ->index for pages backing the bitmap file") removed page->index from bitmap code, but left wrong code logic for clustered-md. current c...
6.8AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: md/md-bitmap: fix incorrect usage for sb_index Commit d7038f951828 ("md-bitmap: don't use ->index for pages backing the bitmap file") removed page->index from bitmap code, but left wrong code logic for clustered-md. current c...
6.9AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: md/md-bitmap: fix incorrect usage for sb_index Commit d7038f951828 ("md-bitmap: don't use ->index for pages backing the bitmap file") removed page->index from bitmap code, but left wrong code logic for clustered-md. current c...
7.5AI Score
0.0004EPSS
CVE-2024-35794 dm-raid: really frozen sync_thread during suspend
In the Linux kernel, the following vulnerability has been resolved: dm-raid: really frozen sync_thread during suspend 1) commit f52f5c71f3d4 ("md: fix stopping sync thread") remove MD_RECOVERY_FROZEN from __md_stop_writes() and doesn't realize that dm-raid relies on __md_stop_writes() to...
7.4AI Score
0.0004EPSS
CVE-2024-35787 md/md-bitmap: fix incorrect usage for sb_index
In the Linux kernel, the following vulnerability has been resolved: md/md-bitmap: fix incorrect usage for sb_index Commit d7038f951828 ("md-bitmap: don't use ->index for pages backing the bitmap file") removed page->index from bitmap code, but left wrong code logic for clustered-md. current c...
7.5AI Score
0.0004EPSS
CVE-2024-35787 md/md-bitmap: fix incorrect usage for sb_index
In the Linux kernel, the following vulnerability has been resolved: md/md-bitmap: fix incorrect usage for sb_index Commit d7038f951828 ("md-bitmap: don't use ->index for pages backing the bitmap file") removed page->index from bitmap code, but left wrong code logic for clustered-md. current c...
6.9AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: md/md-bitmap: fix incorrect usage for sb_index Commit d7038f951828 ("md-bitmap: don't use ->index for pages backing the bitmap file") removed page->index from bitmap code, but left wrong code logic for clustered-md. current c...
6.8AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: dm-raid: really frozen sync_thread during suspend 1) commit f52f5c71f3d4 ("md: fix stopping sync thread") remove MD_RECOVERY_FROZEN from __md_stop_writes() and doesn't realize that dm-raid relies on __md_stop_writes() to frozen...
6.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: md/dm-raid: don't call md_reap_sync_thread() directly Currently md_reap_sync_thread() is called from raid_message() directly without holding 'reconfig_mutex', this is definitely unsafe because md_reap_sync_thread() can change many....
6.6AI Score
0.0004EPSS
Spreadsheet::ParseExcel RCE (CVE-2023-7101)
According to its self-reported version number, the Spreadsheet::ParseExcel perl module is vulnerable to a remote code execution vulnerability due to passing unvalidated input from a file into a string-type “eval”. Specifically, the issue stems from the evaluation of Number format strings (not to...
7.8CVSS
8.1AI Score
0.053EPSS
ConsoleMe has an Arbitrary File Read Vulnerability via Limited Git command
ID: NFLX-2024-002 Impact Authenticated users can achieve limited RCE in ConsoleMe, restricted to flag inputs on a single CLI command. Due to this constraint, it is not currently known whether full RCE is possible but it is unlikely. However, a specific flag allows authenticated users to read any...
6.2AI Score
0.0004EPSS
ConsoleMe has an Arbitrary File Read Vulnerability via Limited Git command
ID: NFLX-2024-002 Impact Authenticated users can achieve limited RCE in ConsoleMe, restricted to flag inputs on a single CLI command. Due to this constraint, it is not currently known whether full RCE is possible but it is unlikely. However, a specific flag allows authenticated users to read any...
6.2AI Score
0.0004EPSS
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Netflix ConsoleMe allows Command Injection.This issue affects ConsoleMe: before...
6.8AI Score
0.0004EPSS
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Netflix ConsoleMe allows Command Injection.This issue affects ConsoleMe: before...
6.6AI Score
0.0004EPSS
CVE-2024-5023 Arbitrary File Read Vulnerability in ConsoleMe via Limited Git command RCE
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Netflix ConsoleMe allows Command Injection.This issue affects ConsoleMe: before...
6.9AI Score
0.0004EPSS
CVE-2024-5023 Arbitrary File Read Vulnerability in ConsoleMe via Limited Git command RCE
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Netflix ConsoleMe allows Command Injection.This issue affects ConsoleMe: before...
6.9AI Score
0.0004EPSS
njwt up to v0.4.0 was discovered to contain a prototype pollution in the Parser.prototype.parse...
7.2AI Score
EPSS
njwt up to v0.4.0 was discovered to contain a prototype pollution in the Parser.prototype.parse...
6.9AI Score
EPSS
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
7.4AI Score
EPSS
7.2AI Score
EPSS
7.4AI Score
EPSS
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
7.1AI Score
EPSS
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
7.4AI Score
EPSS
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
7.1AI Score
EPSS
A vulnerability, which was classified as problematic, has been found in code-projects Simple Chat System 1.0. This issue affects some unknown processing of the component Message Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been...
3.5CVSS
6.2AI Score
0.0004EPSS
A vulnerability, which was classified as problematic, has been found in code-projects Simple Chat System 1.0. This issue affects some unknown processing of the component Message Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been...
3.5CVSS
3.8AI Score
0.0004EPSS