3.5

CVSS3.1

CVE-2024-3613 - SourceCodester Warehouse Management System supplier.php cross site scripting

A vulnerability was found in SourceCodester Warehouse Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file supplier.php. The manipulation of the argument nama_supplier/alamat_supplier/notelp_supplier leads to cross site scripting.โ€ฆ

๐Ÿ“… Published: April 11, 2024, midnight ๐Ÿ”„ Last Modified: Feb. 18, 2025, 5:48 p.m.

4

CVSS3.1

CVE-2024-30916 -

An issue was discovered in eProsima FastDDS v.2.14.0 and before, allows a local attacker to cause a denial of service (DoS) and obtain sensitive information via a crafted max_samples parameter in DurabilityService QoS component.

๐Ÿ“… Published: April 11, 2024, midnight ๐Ÿ”„ Last Modified: Feb. 10, 2025, 11:15 p.m.

7.5

CVSS3.1

CVE-2024-28458 -

Null Pointer Dereference vulnerability in swfdump in swftools 0.9.2 allows attackers to crash the appliation via the function compileSWFActionCode in action/actioncompiler.c.

๐Ÿ“… Published: April 11, 2024, midnight ๐Ÿ”„ Last Modified: June 10, 2025, 1:01 a.m.

6.1

CVSS3.1

CVE-2024-30878 -

A cross-site scripting (XSS) vulnerability in RageFrame2 v2.6.43, allows remote attackers to execute arbitrary web scripts or HTML and obtain sensitive information via a crafted payload injected into the upload_drive parameter.

๐Ÿ“… Published: April 11, 2024, midnight ๐Ÿ”„ Last Modified: April 11, 2025, 2:50 p.m.

8.2

CVSS3.1

CVE-2025-3528 - Mirror-registry: local privilege escalation due to incorrect permissions in mirror-registry

A flaw was found in the Mirror Registry. The quay-app container shipped as part of the Mirror Registry for OpenShift has write access to the `/etc/passwd`. This flaw allows a malicious actor with access to the container to modify the passwd file and elevate their privileges to the root user within โ€ฆ

๐Ÿ“… Published: April 11, 2024, midnight ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

8.8

CVSS3.1

CVE-2024-25852 -

Linksys RE7000 v2.0.9, v2.0.11, and v2.0.15 have a command execution vulnerability in the "AccessControlList" parameter of the access control function point. An attacker can use the vulnerability to obtain device administrator rights.

๐Ÿ“… Published: April 11, 2024, midnight ๐Ÿ”„ Last Modified: June 17, 2025, 8:50 p.m.

6.3

CVSS3.1

CVE-2024-22721 -

Cross Site Request Forgery (CSRF) vulnerability in Form Tools 3.1.1 allows attackers to manipulate sensitive user data via crafted link.

๐Ÿ“… Published: April 11, 2024, midnight ๐Ÿ”„ Last Modified: April 8, 2025, 3:20 p.m.

5.4

CVSS3.1

CVE-2024-30880 -

Reflected Cross Site Scripting (XSS) vulnerability in RageFrame2 v2.6.43, allows remote attackers to execute arbitrary web scripts or HTML and obtain sensitive information via a crafted payload injected into the multiple parameter in the image cropping function.

๐Ÿ“… Published: April 11, 2024, midnight ๐Ÿ”„ Last Modified: April 11, 2025, 2:48 p.m.

9.8

CVSS3.1

CVE-2024-31678 -

Sourcecodester Loan Management System v1.0 is vulnerable to SQL Injection via the "password" parameter in the "login.php" file.

๐Ÿ“… Published: April 11, 2024, midnight ๐Ÿ”„ Last Modified: April 8, 2025, 3:20 p.m.

7.1

CVSS3.1

CVE-2024-30884 -

Reflected Cross-Site Scripting (XSS) vulnerability in Discuz! version X3.4 20220811, allows remote attackers to execute arbitrary code and obtain sensitive information via crafted payload to the primarybegin parameter in the misc.php component.

๐Ÿ“… Published: April 11, 2024, midnight ๐Ÿ”„ Last Modified: June 17, 2025, 8:54 p.m.
Total resulsts: 349182
Page 10325 of 34,919
ยซ previous page ยป next page
Filters