7.5
CVE-2024-47917 - Mobotix - CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scriptinβ¦
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
7.6
CVE-2024-22063 - ZTE ZENIC ONE R58 product has a CSV injection vulnerability
The ZENIC ONE R58 products by ZTE Corporation have a command injection vulnerability. An authenticated attacker can exploit this vulnerability to tamper with messages, inject malicious code, and subsequently launch attacks on related devices.
5.3
CVE-2024-13039 - code-projects Simple Chat System add_user.php sql injection
A vulnerability was found in code-projects Simple Chat System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /add_user.php. The manipulation of the argument name/email/password/number leads to sql injection. The attack may be launched remotely. β¦
6.9
CVE-2024-13038 - CodeAstro Simple Loan Management System Login index.php sql injection
A vulnerability was found in CodeAstro Simple Loan Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /index.php of the component Login. The manipulation of the argument email leads to sql injection. The attack can be launβ¦
5.3
CVE-2024-13037 - 1000 Projects Attendance Tracking Management System report.php attendance_report sql injection
A vulnerability was found in 1000 Projects Attendance Tracking Management System 1.0. It has been classified as critical. Affected is the function attendance_report of the file /admin/report.php. The manipulation of the argument course_id leads to sql injection. It is possible to launch the attack β¦
5.3
CVE-2024-13036 - code-projects Chat System update_room.php sql injection
A vulnerability was found in code-projects Chat System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/update_room.php. The manipulation of the argument id/name/password leads to sql injection. The attack may be initiated remotely. The exploit has been β¦
5.3
CVE-2024-13035 - code-projects Chat System update_user.php sql injection
A vulnerability has been found in code-projects Chat System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/update_user.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed toβ¦
5.3
CVE-2024-13034 - code-projects Chat System update_user.php cross site scripting
A vulnerability, which was classified as problematic, was found in code-projects Chat System 1.0. This affects an unknown part of the file /admin/update_user.php. The manipulation of the argument name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has beeβ¦
5.3
CVE-2024-13033 - code-projects Chat System chatroom.php cross site scripting
A vulnerability, which was classified as problematic, has been found in code-projects Chat System 1.0. Affected by this issue is some unknown functionality of the file /admin/chatroom.php. The manipulation of the argument id leads to cross site scripting. The attack may be launched remotely. The exβ¦
5.1
CVE-2024-13032 - Antabot White-Jotter Article Editor editor server-side request forgery
A vulnerability classified as problematic was found in Antabot White-Jotter up to 0.2.2. Affected by this vulnerability is an unknown functionality of the file /admin/content/editor of the component Article Editor. The manipulation of the argument articleCover leads to server-side request forgery. β¦