6.9
CVE-2024-10844 - 1000 Projects Bookstore Management System search.php sql injection
A vulnerability, which was classified as critical, was found in 1000 Projects Bookstore Management System 1.0. This affects an unknown part of the file search.php. The manipulation of the argument s leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosβ¦
5.1
CVE-2024-10842 - romadebrian WEB-Sekolah Backend Proses_Edit_Akun.php cross site scripting
A vulnerability, which was classified as problematic, has been found in romadebrian WEB-Sekolah 1.0. Affected by this issue is some unknown functionality of the file /Admin/Proses_Edit_Akun.php of the component Backend. The manipulation of the argument Username_Baru/Password leads to cross site scrβ¦
5.3
CVE-2024-10841 - romadebrian WEB-Sekolah Mail Proses_Kirim.php sql injection
A vulnerability classified as critical was found in romadebrian WEB-Sekolah 1.0. Affected by this vulnerability is an unknown functionality of the file /Proses_Kirim.php of the component Mail Handler. The manipulation of the argument Name leads to sql injection. The attack can be launched remotely.β¦
4.3
CVE-2024-10329 - Ultimate Bootstrap Elements for Elementor <= 1.4.6 - Authenticated (Contributor+) Sensitive Informaβ¦
The Ultimate Bootstrap Elements for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.6 via the 'ube_get_page_templates' function. This makes it possible for authenticated attackers, with Contributor-level access and above, to eβ¦
8.9
CVE-2024-7059 -
A high-severity vulnerability that can lead to arbitrary code execution on the system hosting the Web SDK role was found in the Genetec Security Center product line.
5.1
CVE-2024-10840 - romadebrian WEB-Sekolah Backend akun_edit.php cross site scripting
A vulnerability classified as problematic has been found in romadebrian WEB-Sekolah 1.0. Affected is an unknown function of the file /Admin/akun_edit.php of the component Backend. The manipulation of the argument kode leads to cross site scripting. It is possible to launch the attack remotely. The β¦
7.3
CVE-2024-10263 - Tickera β WordPress Event Ticketing <= 3.5.4.4 - Unauthenticated Arbitrary Shortcode Execution
The Tickera β WordPress Event Ticketing plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.5.4.4. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes β¦
5.4
CVE-2024-9867 - Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrβ¦
The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Open Map Widget' marker_content parameter in all versions up to, and including, 5.10.2 due to insufficient input sanβ¦
6.5
CVE-2024-9657 - Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrβ¦
The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the βtooltip' parameter in all versions up to, and including, 5.10.2 due to insufficient input sanitization and output esβ¦
6.6
CVE-2024-51530 -
LaunchAnywhere vulnerability in the account module Impact: Successful exploitation of this vulnerability may affect service confidentiality.