Aggregator

A vulnerability, which was classified as problematic, has been found in Romain Bourdon Wampserver 3.2.3/3.2.6. Affected by this issue is some unknown functionality of the component PHP Info Page. The manipulation leads to information disclosure. This vulnerability is handled as CVE-2024-46547. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as critical was found in Kashipara E-learning Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/delete_event.php. The manipulation of the argument id leads to sql injection. This vulnerability is known as CVE-2024-54931. The attack can be launched remotely. There is no exploit available.

A vulnerability classified as critical has been found in Doctor-Appointment 1.0. Affected is an unknown function of the file /Frontend/signup_com.php. The manipulation leads to unrestricted upload. This vulnerability is traded as CVE-2022-38946. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in Kashipara E-learning Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /send_message_teacher_to_student.php. The manipulation of the argument my_message leads to cross site scripting. The identification of this vulnerability is CVE-2024-54935. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in Kashipara E-Learning Management System Project 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /remove_sent_message.php. The manipulation of the argument id leads to sql injection. This vulnerability was named CVE-2024-54925. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in Kashipara E-learning Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/edit_content.php. The manipulation of the argument title/content leads to sql injection. This vulnerability is uniquely identified as CVE-2024-54924. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Kashipara E-learning Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/edit_teacher.php. The manipulation of the argument department leads to sql injection. This vulnerability is handled as CVE-2024-54923. The attack may be launched remotely. There is no exploit available.

A vulnerability has been found in Kashipara E-learning Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /student_signup.php. The manipulation of the argument class_id leads to sql injection. This vulnerability is known as CVE-2024-54921. The attack can be launched remotely. There is no exploit available.

A vulnerability, which was classified as critical, was found in Kashipara E-learning Management System 1.0. Affected is an unknown function of the file /lms/admin/edit_user.php. The manipulation of the argument firstname/lastname/username leads to sql injection. This vulnerability is traded as CVE-2024-54922. It is possible to launch the attack remotely. There is no exploit available.

【安全圈】需要采取紧急行动：ABB ASPECT 漏洞使建筑物面临网络攻击

【安全圈】以虚假视频会议为诱饵，攻击者瞄准了Web3公司员工

【安全圈】安装国内某些税务申报软件的机器升级到Windows 11 24H2版后会蓝屏死机

【安全圈】罗马尼亚实锤“俄利用TikTok干扰大选”？

Seven Bolt-Ons to Make Your Entra ID More Secure for Critical Sessions

Kubernetes 1.32 – A Security Perspective

Mandiant devised a technique to bypass browser isolation using QR codes

助力人才强国战略，360以实战人才为核心打造产教融合新业态

周鸿祎：360安全大模型将向“一带一路”友邻国家开放共享

The Role of USB Security in Combating Insider Threats

Socks5Systemz Botnet Powers Illegal Proxy Service with 85,000+ Hacked Devices