9.1
CVE-2024-38529 - Admidio Vulnerable to RCE via Arbitrary File Upload in Message Attachment
Admidio is a free, open source user management system for websites of organizations and groups. In Admidio before version 4.3.10, there is a Remote Code Execution Vulnerability in the Message module of the Admidio Application, where it is possible to upload a PHP file in the attachment. The uploade…
10
CVE-2024-37906 - Admidio has Blind SQL Injection in ecard_send.php
Admidio is a free, open source user management system for websites of organizations and groups. In Admidio before version 4.3.9, there is an SQL Injection in the `/adm_program/modules/ecards/ecard_send.php` source file of the Admidio Application. The SQL Injection results in a compromise of the app…
8.8
CVE-2024-6984 -
An issue was discovered in Juju that resulted in the leak of the sensitive context ID, which allows a local unprivileged attacker to access other sensitive data or relation accessible to the local charm.
7.3
CVE-2024-6576 - MOVEit Transfer Privilege Escalation Vulnerability
Improper Authentication vulnerability in Progress MOVEit Transfer (SFTP module) can lead to Privilege Escalation. This issue affects MOVEit Transfer: from 2023.0.0 before 2023.0.12, from 2023.1.0 before 2023.1.7, from 2024.0.0 before 2024.0.3.
8.5
CVE-2024-6124 - Reflected XSS in Hubshare via Open Redirect
Reflected XSS in M-Files Hubshare before version 5.0.6.0 allows an attacker to execute arbitrary JavaScript code in the context of the victim's browser session.
5.3
CVE-2024-7200 - SourceCodester Complaints Report Management System cross site scripting
A vulnerability, which was classified as problematic, has been found in SourceCodester Complaints Report Management System 1.0. This issue affects some unknown processing of the file /admin/ajax.php?action=save_settings. The manipulation of the argument name leads to cross site scripting. The attac…
8.5
CVE-2024-6881 - Stored XSS Vulnerability
Stored XSS in M-Files Hubshare versions before 5.0.6.0 allows an authenticated attacker to execute arbitrary JavaScript in a user's browser session.
5.3
CVE-2024-7199 - SourceCodester Complaints Report Management System manage_user.php sql injection
A vulnerability classified as critical was found in SourceCodester Complaints Report Management System 1.0. This vulnerability affects unknown code of the file /admin/manage_user.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has b…
5.3
CVE-2024-7198 - SourceCodester Complaints Report Management System manage_station.php sql injection
A vulnerability classified as critical has been found in SourceCodester Complaints Report Management System 1.0. This affects an unknown part of the file /admin/manage_station.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploi…
5.3
CVE-2024-7197 - SourceCodester Complaints Report Management System manage_complaint.php sql injection
A vulnerability was found in SourceCodester Complaints Report Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/manage_complaint.php. The manipulation of the argument id leads to sql injection. The attack may be launched re…