Aggregator

CVE-2024-11487 | Code4Berry Decoration Management System 1.0 Between Dates Reports btndates_report.php fromdate/todate sql injection

VulDB Recent Entries
2 months 1 week ago
A vulnerability has been found in Code4Berry Decoration Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /decoration/admin/btndates_report.php of the component Between Dates Reports. The manipulation of the argument fromdate/todate leads to sql injection. This vulnerability was named CVE-2024-11487. The attack can be initiated remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2024-11486 | Code4Berry Decoration Management System 1.0 User Permission user_permission.php

VulDB Recent Entries
2 months 1 week ago
A vulnerability, which was classified as problematic, was found in Code4Berry Decoration Management System 1.0. This affects an unknown part of the file /decoration/admin/user_permission.php of the component User Permission Handler. The manipulation leads to permission issues. This vulnerability is uniquely identified as CVE-2024-11486. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2024-11485 | Code4Berry Decoration Management System 1.0 User userregister.php permission

VulDB Recent Entries
2 months 1 week ago
A vulnerability, which was classified as critical, has been found in Code4Berry Decoration Management System 1.0. Affected by this issue is some unknown functionality of the file /decoration/admin/userregister.php of the component User Handler. The manipulation leads to permission issues. This vulnerability is handled as CVE-2024-11485. The attack may be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2024-11484 | Code4Berry Decoration Management System 1.0 User Image update_image.php productimage1 access control

VulDB Recent Entries
2 months 1 week ago
A vulnerability classified as critical was found in Code4Berry Decoration Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /decoration/admin/update_image.php of the component User Image Handler. The manipulation of the argument productimage1 leads to improper access controls. This vulnerability is known as CVE-2024-11484. The attack can be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2024-52033 | Rakuten Mobile Rakuten Turbo 5G up to 1.3.18 exposure of sensitive system information to an unauthorized control sphere

VulDB Recent Entries
2 months 1 week ago
A vulnerability classified as problematic has been found in Rakuten Mobile Rakuten Turbo 5G up to 1.3.18. Affected is an unknown function. The manipulation leads to exposure of sensitive system information to an unauthorized control sphere. This vulnerability is traded as CVE-2024-52033. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com

《我的世界》将建造主题公园

Solidot
2 months 1 week ago
微软旗下的热门沙盒游戏《我的世界(Minecraft)》与欧洲最大主题公园运营商 Merlin Entertainments 签署协议,将率先在英国和美国开设主题游乐设施、景点、酒店客房和零售点。Merlin 的规模仅次于迪士尼,在 23 个国家运营逾 135 个景点,包括奥尔顿塔、乐高乐园、海洋生物公园、杜莎夫人蜡像馆和伦敦眼。前两个景点 Merlin 将投资逾 1.1 亿美元,将于 2026 年和 2027 年分别在英国和美国开业,景点要么位于现有主题公园内,要么作为新的市中心景点。两家公司未来计划扩大到其他国家和地区。《我的世界》是史上最畅销游戏之一,每月有 1.4 亿玩家。

Managed ad