6.9
CVE-2024-9812 - code-projects Crud Operation System delete.php sql injection
A vulnerability classified as critical was found in code-projects Crud Operation System 1.0. This vulnerability affects unknown code of the file delete.php. The manipulation of the argument sid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the publi…
7.2
CVE-2024-9180 - Vault Operators in Root Namespace May Elevate Their Privileges
A privileged Vault operator with write permissions to the root namespace's identity endpoint could escalate their own or another user's privileges to Vault's root policy. Fixed in Vault Community Edition 1.18.0 and Vault Enterprise 1.18.0, 1.17.7, 1.16.11, and 1.15.16.
6.9
CVE-2024-9811 - code-projects Restaurant Reservation System filter3.php sql injection
A vulnerability classified as critical has been found in code-projects Restaurant Reservation System 1.0. This affects an unknown part of the file filter3.php. The manipulation of the argument company leads to sql injection. It is possible to initiate the attack remotely. The exploit has been discl…
5.3
CVE-2024-9810 - SourceCodester Record Management System sort2_user.php cross site scripting
A vulnerability was found in SourceCodester Record Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file sort2_user.php. The manipulation of the argument qualification leads to cross site scripting. The attack may be launched remot…
5.3
CVE-2024-9809 - SourceCodester Online Eyewear Shop Master.php delete_product sql injection
A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been declared as critical. Affected by this vulnerability is the function delete_product of the file /classes/Master.php?f=delete_product. The manipulation of the argument id leads to sql injection. The attack can be launch…
5.3
CVE-2024-9808 - SourceCodester Online Eyewear Shop sql injection
A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/?page=products/view_product. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The expl…
5.1
CVE-2024-9807 - Craig Rodway Classroombookings Session Page sessions cross site scripting
A vulnerability was found in Craig Rodway Classroombookings 2.8.7 and classified as problematic. This issue affects some unknown processing of the file /sessions of the component Session Page. The manipulation of the argument Name leads to cross site scripting. The attack may be initiated remotely.…
5.3
CVE-2024-9806 - Craig Rodway Classroombookings Room Page fields cross site scripting
A vulnerability has been found in Craig Rodway Classroombookings up to 2.8.6 and classified as problematic. This vulnerability affects unknown code of the file /rooms/fields of the component Room Page. The manipulation of the argument Name leads to cross site scripting. The attack can be initiated …
0.0
CVE-2024-47354 - WordPress Simple Membership After Login Redirection plugin <= 1.6 - Open Redirection vulnerability
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in wp.insider Simple Membership After Login Redirection simple-membership-after-login-redirection. This issue affects Simple Membership After Login Redirection: from n/a through <= 1.6.
6.1
CVE-2024-47648 - WordPress EventPrime plugin <= 4.0.4.5 - Open Redirection vulnerability
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Metagauss EventPrime eventprime-event-calendar-management. This issue affects EventPrime: from n/a through <= 4.0.4.5.