9.8

CVSS3.1

CVE-2024-35350 -

A vulnerability has been discovered in Diรฑo Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /admin/?page=borrow/view_borrow. Manipulating the argument id can result in SQL injection.

๐Ÿ“… Published: May 30, 2024, 4:19 p.m. ๐Ÿ”„ Last Modified: April 11, 2025, 4:14 p.m.

5.4

CVSS3.1

CVE-2024-35351 -

A vulnerability has been discovered in Diรฑo Physics School Assistant version 2.3. This vulnerability impacts unidentified code within the file /classes/SystemSettings.php?f=update_settings. Manipulating the parameter name results in cross-site scripting.

๐Ÿ“… Published: May 30, 2024, 4:18 p.m. ๐Ÿ”„ Last Modified: April 11, 2025, 4:14 p.m.

5.4

CVSS3.1

CVE-2024-35359 -

A vulnerability has been discovered in Diรฑo Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Master.php?f=view_item. Manipulating the argument id can result in SQL injection.

๐Ÿ“… Published: May 30, 2024, 4:16 p.m. ๐Ÿ”„ Last Modified: Feb. 13, 2025, 3:58 p.m.

7.5

CVSS3.1

CVE-2024-35431 -

ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Directory Traversal via photoBase64. An unauthenticated user can download local files from the server. NOTE: Third parties have indicated other versions are also vulnerable including up to 6.4.1.

๐Ÿ“… Published: May 30, 2024, 4:10 p.m. ๐Ÿ”„ Last Modified: June 17, 2025, 7:17 p.m.

6.1

CVSS3.1

CVE-2024-35352 -

A vulnerability has been discovered in Diรฑo Physics School Assistant version 2.3. This vulnerability impacts unidentified code within the file /classes/Users.php?f=save. Manipulating the parameter middlename results in cross-site scripting.

๐Ÿ“… Published: May 30, 2024, 4:08 p.m. ๐Ÿ”„ Last Modified: April 11, 2025, 3:16 p.m.

9.8

CVSS3.1

CVE-2024-35353 -

A vulnerability has been discovered in Diรฑo Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Users.php?f=save. Manipulating the argument id can result in improper authorization.

๐Ÿ“… Published: May 30, 2024, 4:06 p.m. ๐Ÿ”„ Last Modified: April 11, 2025, 3:16 p.m.

6.1

CVSS3.1

CVE-2024-35432 -

ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Cross Site Scripting (XSS) via an Audio File. An authenticated user can injection malicious JavaScript code to trigger a Cross Site Scripting.

๐Ÿ“… Published: May 30, 2024, 4:05 p.m. ๐Ÿ”„ Last Modified: June 17, 2025, 7:36 p.m.

9.8

CVSS3.1

CVE-2024-35354 -

A vulnerability has been discovered in Diรฑo Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Master.php?f=save_category. Manipulating the argument id can result in SQL injection.

๐Ÿ“… Published: May 30, 2024, 4:04 p.m. ๐Ÿ”„ Last Modified: April 11, 2025, 4:14 p.m.

9.8

CVSS3.1

CVE-2024-35355 -

A vulnerability has been discovered in Diรฑo Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Master.php?f=delete_category. Manipulating the argument id can result in SQL injection.

๐Ÿ“… Published: May 30, 2024, 4:03 p.m. ๐Ÿ”„ Last Modified: April 11, 2025, 4:14 p.m.

6.3

CVSS3.1

CVE-2024-35356 -

A vulnerability has been discovered in Diรฑo Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Master.php?f=save_item. Manipulating the argument id can result in SQL injection.

๐Ÿ“… Published: May 30, 2024, 4:02 p.m. ๐Ÿ”„ Last Modified: April 11, 2025, 4:14 p.m.
Total resulsts: 349182
Page 9625 of 34,919
ยซ previous page ยป next page
Filters