6.3

CVSS3.1

CVE-2024-48589 -

Cross Site Scripting vulnerability in Gilnei Moraes phpABook v.0.9 allows a remote attacker to execute arbitrary code via the rol parameter in index.php

๐Ÿ“… Published: Feb. 6, 2025, midnight ๐Ÿ”„ Last Modified: Feb. 11, 2025, 3:15 p.m.

7.5

CVSS3.1

CVE-2024-57610 -

A rate limiting issue in Sylius v2.0.2 allows a remote attacker to perform unrestricted brute-force attacks on user accounts, significantly increasing the risk of account compromise and denial of service for legitimate users. The Supplier's position is that the Sylius core software is not intended โ€ฆ

๐Ÿ“… Published: Feb. 6, 2025, midnight ๐Ÿ”„ Last Modified: Sept. 19, 2025, 7:07 p.m.

8.1

CVSS3.1

CVE-2024-36553 -

Forever KidsWatch Call Me KW-50 R36_YDR_A3PW_GM7S_V1.0_2019_07_15_16.19.24_cob_h is vulnerable to MITM attack.

๐Ÿ“… Published: Feb. 6, 2025, midnight ๐Ÿ”„ Last Modified: Feb. 10, 2025, 4:15 p.m.

4.8

CVSS3.1

CVE-2024-57599 -

Cross Site Scripting vulnerability in DouPHP v.1.8 Release 20231203 allows attackers to execute arbitrary code via a crafted payload injected into the description parameter in /admin/article.php

๐Ÿ“… Published: Feb. 6, 2025, midnight ๐Ÿ”„ Last Modified: July 3, 2025, 1:16 a.m.

9.8

CVSS3.1

CVE-2022-40916 -

Tiny File Manager v2.4.7 and below is vulnerable to session fixation.

๐Ÿ“… Published: Feb. 6, 2025, midnight ๐Ÿ”„ Last Modified: Dec. 31, 2025, 7:40 p.m.

9.8

CVSS3.1

CVE-2024-57430 -

An SQL injection vulnerability in the pjActionGetUser function of PHPJabbers Cinema Booking System v2.0 allows attackers to manipulate database queries via the column parameter. Exploiting this flaw can lead to unauthorized information disclosure, privilege escalation, or database manipulation.

๐Ÿ“… Published: Feb. 6, 2025, midnight ๐Ÿ”„ Last Modified: June 24, 2025, 12:12 a.m.

6.3

CVSS3.1

CVE-2020-36085 -

Stored Cross Site Scripting(XSS) vulnerability in Egavilan Media Resumes Management and Job Application Website 1.0 allows remote attackers to inject arbitrary code via First and Last Name in Apply For This Job Form.

๐Ÿ“… Published: Feb. 6, 2025, midnight ๐Ÿ”„ Last Modified: Feb. 11, 2025, 3:15 p.m.

4.5

CVSS3.1

CVE-2024-57523 -

Cross Site Request Forgery (CSRF) in Users.php in SourceCodester Packers and Movers Management System 1.0 allows attackers to create unauthorized admin accounts via crafted requests sent to an authenticated admin user.

๐Ÿ“… Published: Feb. 6, 2025, midnight ๐Ÿ”„ Last Modified: April 22, 2025, 8:06 p.m.

9.3

CVSS3.1

CVE-2024-57428 -

A stored cross-site scripting (XSS) vulnerability in PHPJabbers Cinema Booking System v2.0 exists due to unsanitized input in file upload fields (event_img, seat_maps) and seat number configurations (number[new_X] in pjActionCreate). Attackers can inject persistent JavaScript, leading to phishing, โ€ฆ

๐Ÿ“… Published: Feb. 6, 2025, midnight ๐Ÿ”„ Last Modified: June 24, 2025, 12:13 a.m.

8.1

CVSS3.1

CVE-2024-54909 -

A vulnerability has been identified in GoldPanKit eva-server v4.1.0. It affects the path parameter of the /api/resource/local/download endpoint, where manipulation of this parameter can lead to arbitrary file download.

๐Ÿ“… Published: Feb. 6, 2025, midnight ๐Ÿ”„ Last Modified: Feb. 12, 2025, 3:15 p.m.
Total resulsts: 343968
Page 6311 of 34,397
ยซ previous page ยป next page
Filters