5.1
CVE-2024-9977 - MitraStar GPT-2541GNAC Firewall Settings Page settings-firewall.cgi os command injection
A vulnerability, which was classified as critical, was found in MitraStar GPT-2541GNAC BR_g5.6_1.11(WVK.0)b26. Affected is an unknown function of the file /cgi-bin/settings-firewall.cgi of the component Firewall Settings Page. The manipulation of the argument SrcInterface leads to os command injectβ¦
5.3
CVE-2024-9976 - code-projects Pharmacy Management System manage_customer.php sql injection
A vulnerability classified as critical has been found in code-projects Pharmacy Management System 1.0. This affects an unknown part of the file /php/manage_customer.php?action=search. The manipulation of the argument text leads to sql injection. It is possible to initiate the attack remotely. The eβ¦
5.3
CVE-2024-9975 - SourceCodester Drag and Drop Image Upload upload.php unrestricted upload
A vulnerability was found in SourceCodester Drag and Drop Image Upload 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /upload.php. The manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosedβ¦
9.1
CVE-2024-49388 -
Sensitive information manipulation due to improper authorization. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.
7.5
CVE-2024-49387 -
Cleartext transmission of sensitive information in acep-collector service. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.
4.3
CVE-2024-49384 -
Excessive attack surface in acep-collector service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.
4.3
CVE-2024-49383 -
Excessive attack surface in acep-importer service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.
4.3
CVE-2024-49382 -
Excessive attack surface in archive-server service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.
7.5
CVE-2024-45276 - MB connect line/Helmholz: tmp directory exposed via webservice
An unauthenticated remote attacker can get read access to files in the "/tmp" directory due to missing authentication.
9.8
CVE-2024-45275 - MB connect line/Helmholz: Hardcoded user accounts with hard-coded passwords
The devices contain two hard coded user accounts with hardcoded passwords that allow an unauthenticated remote attacker for full control of the affected devices.