Aggregator

CVE-2024-1818 | CodeAstro Membership Management System 1.0 Logo /uploads/ unrestricted upload

Vuldb Updates
1 year 4 months ago
A vulnerability was found in CodeAstro Membership Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /uploads/ of the component Logo Handler. The manipulation leads to unrestricted upload. This vulnerability is handled as CVE-2024-1818. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2024-1819 | CodeAstro Membership Management System 1.0 Add Members Tab Member Photo unrestricted upload

Vuldb Updates
1 year 4 months ago
A vulnerability was found in CodeAstro Membership Management System 1.0. It has been classified as critical. This affects an unknown part of the component Add Members Tab. The manipulation of the argument Member Photo leads to unrestricted upload. This vulnerability is uniquely identified as CVE-2024-1819. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2024-1820 | code-projects Crime Reporting System 1.0 inchargelogin.php email/password sql injection

Vuldb Updates
1 year 4 months ago
A vulnerability was found in code-projects Crime Reporting System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file inchargelogin.php. The manipulation of the argument email/password leads to sql injection. This vulnerability was named CVE-2024-1820. The attack can be initiated remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2024-1821 | code-projects Crime Reporting System 1.0 police_add.php police_name/police_id/police_spec/password sql injection

Vuldb Updates
1 year 4 months ago
A vulnerability was found in code-projects Crime Reporting System 1.0. It has been rated as critical. This issue affects some unknown processing of the file police_add.php. The manipulation of the argument police_name/police_id/police_spec/password leads to sql injection. The identification of this vulnerability is CVE-2024-1821. Access to the local network is required for this attack. Furthermore, there is an exploit available.
vuldb.com

CVE-2024-1823 | CodeAstro Simple Voting System 1.0 Backend users.php access control

Vuldb Updates
1 year 4 months ago
A vulnerability classified as critical was found in CodeAstro Simple Voting System 1.0. Affected by this vulnerability is an unknown functionality of the file users.php of the component Backend. The manipulation leads to improper access controls. This vulnerability is known as CVE-2024-1823. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2023-43040 | Ceph RGW Bucket rgw_rest_s3.cc get_params access control (Nessus ID 212141)

Vuldb Updates
1 year 4 months ago
A vulnerability, which was classified as critical, was found in Ceph RGW. This affects the function RGWPostObj_ObjStore_S3::get_params of the file rgw_rest_s3.cc of the component Bucket Handler. The manipulation leads to improper access controls. This vulnerability is uniquely identified as CVE-2023-43040. Access to the local network is required for this attack. There is no exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

Weaponized AI: Hot for Fraud, Not for Election Interference

Ransomware DataBreachToday.com
1 year 4 months ago
FBI Sees Rising AI-Enabled Fraud; Meta Reports Scant Election Interference Use
Artificial intelligence: What's it good for? Per the old song about war, the answer isn't "absolutely nothing," but so far it also isn't "absolutely everything." New findings pinpoint where generative AI and deepfakes are hot - fraud - and where they're not - election interference

Managed ad