5.3
CVE-2024-4725 - Campcodes Legal Case Management System client_user cross site scripting
A vulnerability has been found in Campcodes Legal Case Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/client_user. The manipulation of the argument f_name leads to cross site scripting. The attack can be launched re…
6.8
CVE-2024-27269 - IBM QRadar SIEM information disclosure
IBM QRadar SIEM 7.5 could allow a privileged user to configure user management that would disclose unintended sensitive information across tenants. IBM X-Force ID: 284575.
7.5
CVE-2024-33818 -
Globitel KSA SpeechLog v8.1 was discovered to contain an Insecure Direct Object Reference (IDOR) via the userID parameter.
5.3
CVE-2024-4724 - Campcodes Legal Case Management System case-type cross site scripting
A vulnerability, which was classified as problematic, was found in Campcodes Legal Case Management System 1.0. Affected is an unknown function of the file /admin/case-type. The manipulation of the argument case_type_name leads to cross site scripting. It is possible to launch the attack remotely. T…
5.3
CVE-2024-4723 - Campcodes Legal Case Management System case-status cross site scripting
A vulnerability, which was classified as problematic, has been found in Campcodes Legal Case Management System 1.0. This issue affects some unknown processing of the file /admin/case-status. The manipulation of the argument case_status leads to cross site scripting. The attack may be initiated remo…
8.6
CVE-2024-34199 -
TinyWeb 1.94 and below allows unauthenticated remote attackers to cause a denial of service (Buffer Overflow) when sending excessively large elements in the request line.
6.5
CVE-2024-34245 -
An arbitrary file read vulnerability in DedeCMS v5.7.114 allows authenticated attackers to read arbitrary files by specifying any path in makehtml_js_action.php.
8.6
CVE-2023-26566 -
Sangoma FreePBX 1805 through 2203 on Linux contains hardcoded credentials for the Asterisk REST Interface (ARI), which allows remote attackers to reconfigure Asterisk and make external and internal calls via HTTP and WebSocket requests sent to the API.
5.3
CVE-2024-4722 - Campcodes Complete Web-Based School Management System index.php cross site scripting
A vulnerability classified as problematic was found in Campcodes Complete Web-Based School Management System 1.0. This vulnerability affects unknown code of the file index.php. The manipulation of the argument category leads to cross site scripting. The attack can be initiated remotely. The exploit…
6.3
CVE-2024-34695 - WOWS Karma vulnerable to a post submission bounce/timing attack
WOWS Karma is a reputation system for Wargaming's World of Warships. A user is able to click multiple times on "create" on a post creation prompt before the modal closes, which triggers sending several post creation API requests at once. Due to timing, sending multiple posts simultaneously requests…