5.3
CVE-2024-7665 - SourceCodester Car Driving School Management System manage_package.php SQL injection
A vulnerability classified as critical was found in SourceCodester Car Driving School Management System 1.0. Affected by this vulnerability is an unknown functionality of the file manage_package.php. The manipulation of the argument id leads to SQL injection. The attack can be launched remotely. Th…
5.3
CVE-2024-7664 - SourceCodester Car Driving School Management System view_details.php SQL injection
A vulnerability classified as critical has been found in SourceCodester Car Driving School Management System 1.0. Affected is an unknown function of the file view_details.php. The manipulation of the argument id leads to SQL injection. It is possible to launch the attack remotely. The exploit has b…
5.3
CVE-2024-7663 - SourceCodester Car Driving School Management System manage_user.php SQL injection
A vulnerability was found in SourceCodester Car Driving School Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file manage_user.php. The manipulation of the argument id leads to SQL injection. The attack may be initiated remotely. The exploit …
6.9
CVE-2024-7662 - SourceCodester Car Driving School Management System manag_package.php save_package cross-site reque…
A vulnerability was found in SourceCodester Car Driving School Management System 1.0. It has been declared as problematic. This vulnerability affects the function save_package of the file admin/packages/manag_package.php. The manipulation leads to cross-site request forgery. The attack can be initi…
6.9
CVE-2024-7661 - SourceCodester Car Driving School Management System index.php save_users cross-site request forgery
A vulnerability was found in SourceCodester Car Driving School Management System 1.0. It has been classified as problematic. This affects the function save_users of the file admin/user/index.php. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. T…
8.1
CVE-2024-7589 - OpenSSH pre-authentication async signal safety issue
A signal handler in sshd(8) may call a logging function that is not async-signal-safe. The signal handler is invoked when a client does not authenticate within the LoginGraceTime seconds (120 by default). This signal handler executes in the context of the sshd(8)'s privileged code, which is not s…
5.3
CVE-2024-7660 - SourceCodester File Manager App Add File cross site scripting
A vulnerability has been found in SourceCodester File Manager App 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Add File Handler. The manipulation of the argument File Title/Uploaded By leads to cross site scripting. The attack can be…
5.3
CVE-2024-6759 - NFS client accepts file names containing path separators
When mounting a remote filesystem using NFS, the kernel did not sanitize remotely provided filenames for the path separator character, "/". This allows readdir(3) and related functions to return filesystem entries with names containing additional path components. The lack of validation described …
7.5
CVE-2024-6760 - ktrace(2) fails to detach when executing a setuid binary
A logic bug in the code which disables kernel tracing for setuid programs meant that tracing was not disabled when it should have been, allowing unprivileged users to trace and inspect the behavior of setuid programs. The bug may be used by an unprivileged user to read the contents of files to which th…
6.3
CVE-2024-6640 - pf incorrectly matches different ICMPv6 states in the state table
In ICMPv6 Neighbor Discovery (ND), the ID is always 0. When pf is configured to allow ND and block incoming Echo Requests, a crafted Echo Request packet after a Neighbor Solicitation (NS) can trigger an Echo Reply. The packet has to come from the same host as the NS and have a zero as identifier …