5.3
CVE-2024-8347 - SourceCodester Computer Laboratory Management System Master.php delete_record sql injection
A vulnerability classified as critical was found in SourceCodester Computer Laboratory Management System 1.0. Affected by this vulnerability is the function delete_record of the file /classes/Master.php?f=delete_record. The manipulation of the argument id leads to sql injection. The attack can be lโฆ
5.3
CVE-2024-8346 - SourceCodester Computer Laboratory Management System SystemSettings.php update_settings_info sql inโฆ
A vulnerability classified as critical has been found in SourceCodester Computer Laboratory Management System 1.0. Affected is the function update_settings_info of the file /classes/SystemSettings.php?f=update_settings. The manipulation of the argument name leads to sql injection. It is possible toโฆ
0.0
CVE-2024-42379 -
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
5.5
CVE-2024-8354 - Qemu-kvm: usb: assertion failure in usb_ep_get()
A flaw was found in QEMU. An assertion failure was present in the usb_ep_get() function in hw/net/core.c when trying to get the USB endpoint from a USB device. This flaw may allow a malicious unprivileged guest user to crash the QEMU process on the host and cause a denial of service condition.
7.6
CVE-2024-38868 - Incorrect Authorization
Zohocorp ManageEngine Endpoint Central affected byย Incorrect authorization vulnerability while isolating the devices.This issue affects Endpoint Central: before 11.3.2406.08 and before 11.3.2400.15
4.3
CVE-2024-21658 - Insufficient control of region value length in discourse-calendar
discourse-calendar is a discourse plugin which adds the ability to create a dynamic calendar in the first post of a topic. The limit on region value length is too generous. This allows a malicious actor to cause a Discourse instance to use excessive bandwidth and disk space. This issue has been patโฆ
8.3
CVE-2024-6204 - SQL injection
Zohocorp ManageEngine Exchange Reporter Plus versions beforeย 5715 are vulnerable toย SQL Injection in the reports module.
5.3
CVE-2024-8345 - SourceCodester Music Gallery Site Users.php sql injection
A vulnerability was found in SourceCodester Music Gallery Site 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /classes/Users.php?f=delete. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit hโฆ
5.4
CVE-2024-45047 - Potential mXSS vulnerability due to improper HTML escaping in svelte
svelte performance oriented web framework. A potential mXSS vulnerability exists in Svelte for versions up to but not including 4.2.19. Svelte improperly escapes HTML on server-side rendering. The assumption is that attributes will always stay as such, but in some situation the final DOM tree rendeโฆ
5.3
CVE-2024-8344 - Campcodes Supplier Management System edit_area.php sql injection
A vulnerability has been found in Campcodes Supplier Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/edit_area.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exโฆ