6.9
CVE-2024-13030 - D-Link DIR-823G Web Management Interface HNAP1 SetVirtualServerSettings access control
A vulnerability was found in D-Link DIR-823G 1.0.2B05_20181207. It has been rated as critical. This issue affects the function SetAutoRebootSettings/SetClientInfo/SetDMZSettings/SetFirewallSettings/SetParentsControlInfo/SetQoSSettings/SetVirtualServerSettings of the file /HNAP1/ of the component We…
5.4
CVE-2024-50702 -
TeamPass before 3.1.3.1 does not properly check whether a mail_me (aka action_mail) operation is on behalf of an administrator or manager.
6.5
CVE-2024-46542 -
Veritas / Arctera Data Insight before 7.1.1 allows Application Administrators to conduct SQL injection attacks.
5.4
CVE-2024-50703 -
TeamPass before 3.1.3.1 does not properly prevent a user from acting with the privileges of a different user_id.
4.3
CVE-2024-50701 -
TeamPass before 3.1.3.1, when retrieving information about access rights for a folder, does not properly check whether a folder is in a user's allowed folders list that has been defined by an admin.
5.3
CVE-2024-13029 - Antabot White-Jotter Edit Book book server-side request forgery
A vulnerability, which was classified as problematic, was found in Antabot White-Jotter up to 0.2.2. Affected is an unknown function of the file /admin/content/book of the component Edit Book Handler. The manipulation leads to server-side request forgery. It is possible to launch the attack remotel…
6.3
CVE-2024-13028 - Antabot White-Jotter login observable response discrepancy
A vulnerability, which was classified as problematic, has been found in Antabot White-Jotter up to 0.2.2. This issue affects some unknown processing of the file /login. The manipulation of the argument username leads to observable response discrepancy. The attack may be initiated remotely. The comp…
5.3
CVE-2024-13025 - Codezips College Management System faculty.php sql injection
A vulnerability was found in Codezips College Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /Front-end/faculty.php. The manipulation of the argument book_name/book_author leads to sql injection. It is possible to launch the attack remotely. T…
5.3
CVE-2024-13024 - Codezips Blood Bank Management System campaign.php sql injection
A vulnerability was found in Codezips Blood Bank Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /campaign.php. The manipulation of the argument cname leads to sql injection. The attack may be initiated remotely. The exploit has been disclose…
5.1
CVE-2024-13023 - PHPGurukul Maid Hiring Management System Search Maid Page search-maid.php cross site scripting
A vulnerability has been found in PHPGurukul Maid Hiring Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /admin/search-maid.php of the component Search Maid Page. The manipulation of the argument searchdata leads to cross site scripting. The …