5.3
CVE-2024-6279 - lahirudanushka School Management System Exam Results Page examresults-par.php sql injection
A vulnerability was found in lahirudanushka School Management System 1.0.0/1.0.1 and classified as critical. Affected by this issue is some unknown functionality of the file examresults-par.php of the component Exam Results Page. The manipulation of the argument sid leads to sql injection. The attaβ¦
5.1
CVE-2024-6278 - lahirudanushka School Management System Subject Page subject.php sql injection
A vulnerability has been found in lahirudanushka School Management System 1.0.0/1.0.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file subject.php of the component Subject Page. The manipulation of the argument update leads to sql injection. The attβ¦
5.1
CVE-2024-6277 - lahirudanushka School Management System Student Page student.php sql injection
A vulnerability, which was classified as critical, was found in lahirudanushka School Management System 1.0.0/1.0.1. Affected is an unknown function of the file student.php of the component Student Page. The manipulation of the argument update leads to sql injection. It is possible to launch the atβ¦
5.1
CVE-2024-6276 - lahirudanushka School Management System Teacher Page teacher.php sql injection
A vulnerability, which was classified as critical, has been found in lahirudanushka School Management System 1.0.0/1.0.1. This issue affects some unknown processing of the file teacher.php of the component Teacher Page. The manipulation of the argument update leads to sql injection. The attack may β¦
5.1
CVE-2024-6275 - lahirudanushka School Management System Parent Page parent.php sql injection
A vulnerability classified as critical was found in lahirudanushka School Management System 1.0.0/1.0.1. This vulnerability affects unknown code of the file parent.php of the component Parent Page. The manipulation of the argument update leads to sql injection. The attack can be initiated remotely.β¦
5.1
CVE-2024-6274 - lahirudanushka School Management System Attendance Report Page attendancelist.php sql injection
A vulnerability classified as critical has been found in lahirudanushka School Management System 1.0.0/1.0.1. This affects an unknown part of the file /attendancelist.php of the component Attendance Report Page. The manipulation of the argument aid leads to sql injection. It is possible to initiateβ¦
3.3
CVE-2024-3121 - Remote Code Execution in create_conda_env function in parisneo/lollms
A remote code execution vulnerability exists in the create_conda_env function of the parisneo/lollms repository, version 5.9.0. The vulnerability arises from the use of shell=True in the subprocess.Popen function, which allows an attacker to inject arbitrary commands by manipulating the env_name anβ¦
5.4
CVE-2024-37825 -
An issue in EnvisionWare Computer Access & Reservation Control SelfCheck v1.0 (fixed in OneStop 3.2.0.27184 Hotfix May 2024) allows unauthenticated attackers on the same network to perform a directory traversal.
9.8
CVE-2024-33898 -
Axiros AXESS Auto Configuration Server (ACS) 4.x and 5.0.0 is affected by an Incorrect Access Control vulnerability. An authorization bypass allows remote attackers to achieve unauthenticated remote code execution.
5.3
CVE-2024-38897 -
WAVLINK WN551K1'live_check.shtml enables attackers to obtain sensitive router information.