4.7
CVE-2024-3619 - SourceCodester Kortex Lite Advocate Office Management System addcase_stage.php sql injection
A vulnerability has been found in SourceCodester Kortex Lite Advocate Office Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /control/addcase_stage.php. The manipulation of the argument cname leads to sql injection. The attackβ¦
4.7
CVE-2024-3618 - SourceCodester Kortex Lite Advocate Office Management System activate_case.php sql injection
A vulnerability, which was classified as critical, was found in SourceCodester Kortex Lite Advocate Office Management System 1.0. Affected is an unknown function of the file /control/activate_case.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack rβ¦
8.8
CVE-2024-25572 -
Cross-site request forgery (CSRF) vulnerability exists in Ninja Forms prior to 3.4.31. If a website administrator views a malicious page while logging in, unintended operations may be performed.
5.4
CVE-2024-26019 -
Ninja Forms prior to 3.8.1 contains a cross-site scripting vulnerability in submit processing. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is accessing to the website using the product.
6.1
CVE-2024-29220 -
Ninja Forms prior to 3.8.1 contains a cross-site scripting vulnerability in custom fields for labels. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is accessing to the website using the product.
4.7
CVE-2024-3617 - SourceCodester Kortex Lite Advocate Office Management System deactivate_case.php sql injection
A vulnerability, which was classified as critical, has been found in SourceCodester Kortex Lite Advocate Office Management System 1.0. This issue affects some unknown processing of the file /control/deactivate_case.php. The manipulation of the argument id leads to sql injection. The attack may be iβ¦
7.2
CVE-2023-6811 - Language Translate Widget for WordPress β ConveyThis <= 223 - Unauthenticated Stored Cross-Site Scrβ¦
The Language Translate Widget for WordPress β ConveyThis plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'api_keyβ parameter in all versions up to, and including, 223 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attβ¦
6.5
CVE-2024-3652 - IKEv1 default AH/ESP responder can cause libreswan to abort and restart
The Libreswan Project was notified of an issue causing libreswan to restart when using IKEv1 without specifying an esp= line. When the peer requests AES-GMAC, libreswan's default proposal handler causes an assertion failure and crashes and restarts. IKEv2 connections are not affected.
3.5
CVE-2024-3616 - SourceCodester Warehouse Management System pengguna.php cross site scripting
A vulnerability classified as problematic was found in SourceCodester Warehouse Management System 1.0. This vulnerability affects unknown code of the file pengguna.php. The manipulation of the argument admin_user/admin_nama/admin_alamat/admin_telepon leads to cross site scripting. The attack can beβ¦
3.5
CVE-2024-3614 - SourceCodester Warehouse Management System customer.php cross site scripting
A vulnerability classified as problematic has been found in SourceCodester Warehouse Management System 1.0. This affects an unknown part of the file customer.php. The manipulation of the argument nama_customer/alamat_customer/notelp_customer leads to cross site scripting. It is possible to initiateβ¦