8.5

CVSS3.1

CVE-2024-52899 - IBM Data Virtualization Manager code execution

IBM Data Virtualization Manager for z/OS 1.1 and 1.2 could allow an authenticated user to inject malicious JDBC URL parameters and execute code on the server.

๐Ÿ“… Published: Nov. 26, 2024, 12:34 a.m. ๐Ÿ”„ Last Modified: Aug. 4, 2025, 3:11 p.m.

5.3

CVSS4.0

CVE-2024-11676 - CodeAstro Hospital Management System Add Laboratory Equipment Page his_admin_add_lab_equipment.php โ€ฆ

A vulnerability was found in CodeAstro Hospital Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /backend/admin/his_admin_add_lab_equipment.php of the component Add Laboratory Equipment Page. The manipulation of the argument eqp_cโ€ฆ

๐Ÿ“… Published: Nov. 26, 2024, 12:31 a.m. ๐Ÿ”„ Last Modified: Dec. 4, 2024, 8:19 p.m.

5.3

CVSS4.0

CVE-2024-11675 - CodeAstro Hospital Management System Add Patient Details Page his_admin_register_patient.php cross โ€ฆ

A vulnerability has been found in CodeAstro Hospital Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /backend/admin/his_admin_register_patient.php of the component Add Patient Details Page. The manipulation of the argument โ€ฆ

๐Ÿ“… Published: Nov. 26, 2024, midnight ๐Ÿ”„ Last Modified: Dec. 4, 2024, 8:15 p.m.

4.8

CVSS3.1

CVE-2024-53620 -

A cross-site scripting (XSS) vulnerability in the Article module of SPIP v4.3.3 allows authenticated attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Title parameter.

๐Ÿ“… Published: Nov. 26, 2024, midnight ๐Ÿ”„ Last Modified: July 3, 2025, 12:32 a.m.

6.3

CVSS3.1

CVE-2024-53619 -

An authenticated arbitrary file upload vulnerability in the Documents module of SPIP v4.3.3 allows attackers to execute arbitrary code via uploading a crafted PDF file.

๐Ÿ“… Published: Nov. 26, 2024, midnight ๐Ÿ”„ Last Modified: July 7, 2025, 5:54 p.m.

9.8

CVSS3.1

CVE-2024-50942 -

qiwen-file v1.4.0 was discovered to contain a SQL injection vulnerability via the component /mapper/NoticeMapper.xml.

๐Ÿ“… Published: Nov. 26, 2024, midnight ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

6.1

CVSS3.1

CVE-2024-53365 -

A stored cross-site scripting (XSS) vulnerability was identified in PHPGURUKUL Vehicle Parking Management System v1.13 in /users/profile.php. This vulnerability allows authenticated users to inject malicious XSS scripts into the profile name field.

๐Ÿ“… Published: Nov. 26, 2024, midnight ๐Ÿ”„ Last Modified: March 27, 2025, 5:42 p.m.

6.2

CVSS3.1

CVE-2024-51058 -

Local File Inclusion (LFI) vulnerability has been discovered in TCPDF 6.7.5. This vulnerability enables a user to read arbitrary files from the server's file system through <img> src tag, potentially exposing sensitive information.

๐Ÿ“… Published: Nov. 26, 2024, midnight ๐Ÿ”„ Last Modified: Nov. 3, 2025, 8:16 p.m.

8.8

CVSS3.1

CVE-2024-53555 -

A CSV injection vulnerability in Taiga v6.8.1 allows attackers to execute arbitrary code via uploading a crafted CSV file.

๐Ÿ“… Published: Nov. 26, 2024, midnight ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

5.3

CVSS4.0

CVE-2024-11674 - CodeAstro Hospital Management System his_doc_update-account.php unrestricted upload

A vulnerability, which was classified as critical, was found in CodeAstro Hospital Management System 1.0. Affected is an unknown function of the file /backend/doc/his_doc_update-account.php. The manipulation of the argument doc_dpic leads to unrestricted upload. It is possible to launch the attack โ€ฆ

๐Ÿ“… Published: Nov. 25, 2024, 11:31 p.m. ๐Ÿ”„ Last Modified: Dec. 4, 2024, 7:35 p.m.
Total resulsts: 345234
Page 7312 of 34,524
ยซ previous page ยป next page
Filters