8.8

CVSS3.1

CVE-2024-32254 -

Phpgurukul Tourism Management System v2.0 is vulnerable to Unrestricted Upload of File with Dangerous Type via tms/admin/create-package.php. When creating a new package, there is no checks for what types of files are uploaded from the image.

πŸ“… Published: April 16, 2024, midnight πŸ”„ Last Modified: April 2, 2025, 2:58 p.m.

8.1

CVSS3.1

CVE-2024-32256 -

Phpgurukul Tourism Management System v2.0 is vulnerable to Unrestricted Upload of File with Dangerous Type via /tms/admin/change-image.php. When updating a current package, there are no checks for what types of files are uploaded from the image.

πŸ“… Published: April 16, 2024, midnight πŸ”„ Last Modified: Feb. 6, 2026, 3:15 p.m.

8.1

CVSS3.1

CVE-2024-1132 - Keycloak: path transversal in redirection validation

A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. This issue could allow an attacker to construct a malicious request to bypass validation and access other URLs and sensitive information within the domain or conduct further attacks. This flaw affects any…

πŸ“… Published: April 16, 2024, midnight πŸ”„ Last Modified: March 17, 2026, 8:52 p.m.

3.4

CVSS3.1

CVE-2023-0657 - Keycloak: impersonation via logout token exchange

A flaw was found in Keycloak. This issue occurs due to improperly enforcing token types when validating signatures locally. This could allow an authenticated attacker to exchange a logout token for an access token and possibly gain access to data outside of enforced permissions.

πŸ“… Published: April 16, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

4.4

CVSS3.1

CVE-2024-21013 - mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2024)

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQ…

πŸ“… Published: April 16, 2024, midnight πŸ”„ Last Modified: March 26, 2025, 8:15 p.m.

4.7

CVSS3.1

CVE-2024-31760 -

An issue in sanluan flipped-aurora gin-vue-admin 2.4.x allows an attacker to escalate privileges via the Session Expiration component.

πŸ“… Published: April 16, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

8.8

CVSS3.1

CVE-2024-31680 -

File Upload vulnerability in Shibang Communications Co., Ltd. IP network intercom broadcasting system v.1.0 allows a local attacker to execute arbitrary code via the my_parser.php component.

πŸ“… Published: April 16, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

6

CVSS3.1

CVE-2023-6717 - Keycloak: xss via assertion consumer service url in saml post-binding flow

A flaw was found in the SAML client registration in Keycloak that could allow an administrator to register malicious JavaScript URIs as Assertion Consumer Service POST Binding URLs (ACS), posing a Cross-Site Scripting (XSS) risk. This issue may allow a malicious admin in one realm or a client with …

πŸ“… Published: April 16, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

4.9

CVSS3.1

CVE-2024-21054 - mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2024)

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL …

πŸ“… Published: April 16, 2024, midnight πŸ”„ Last Modified: April 9, 2025, 4:08 p.m.

4.9

CVSS3.1

CVE-2024-21009 - mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2024)

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL …

πŸ“… Published: April 16, 2024, midnight πŸ”„ Last Modified: March 13, 2025, 5:22 p.m.
Total resulsts: 349182
Page 10275 of 34,919
Β« previous page Β» next page
Filters