Aggregator

A vulnerability was found in code-projects Travel Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /subcat.php. The manipulation of the argument catid leads to sql injection. The identification of this vulnerability is CVE-2024-12950. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in code-projects Travel Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /package.php. The manipulation of the argument subcatid leads to sql injection. This vulnerability was named CVE-2024-12949. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in code-projects Travel Management System 1.0. It has been classified as critical. This affects an unknown part of the file /detail.php. The manipulation of the argument pid leads to sql injection. This vulnerability is uniquely identified as CVE-2024-12948. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Submit #468644 / VDB-289314

Submit #468543 / VDB-289313

Submit #468541 / VDB-289312

Submit #468538 / VDB-289311

A vulnerability was found in Codezips Hospital Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /invo.php. The manipulation of the argument dname leads to sql injection. This vulnerability is handled as CVE-2024-12947. The attack may be launched remotely. Furthermore, there is an exploit available. Other parameters might be affected as well.

A vulnerability has been found in OpenFHE up to 1.2.3 and classified as problematic. Affected by this vulnerability is the function BinFHEContext::EvalFloor in the library lib/binfhe-base-scheme.cpp. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2024-56430. Access to the local network is required for this attack to succeed. There is no exploit available.

A vulnerability, which was classified as problematic, was found in Theora up to 1.0 7180717. Affected is the function oc_huff_tree_unpack of the file huffdec.c of the component libtheora. The manipulation leads to Privilege Escalation. This vulnerability is traded as CVE-2024-56431. Access to the local network is required for this attack. There is no exploit available.

A vulnerability, which was classified as critical, has been found in 1000 Projects Attendance Tracking Management System 1.0. This issue affects some unknown processing of the file /admin/admin_action.php. The manipulation of the argument admin_user_name leads to sql injection. The identification of this vulnerability is CVE-2024-12946. The attack may be initiated remotely. Furthermore, there is an exploit available.

Submit #468522 / VDB-289310

Submit #468517 / VDB-177391

A vulnerability classified as critical was found in code-projects Simple Car Rental System 1.0. This vulnerability affects unknown code of the file /account.php. The manipulation of the argument email/pass leads to sql injection. This vulnerability was named CVE-2024-12945. The attack can be initiated remotely. Furthermore, there is an exploit available.

Submit #468514 / VDB-177390

Новое исследование соединяет биологию, физику и эволюцию в единое объяснение.

Submit #468392 / VDB-289307

Submit #468378 / VDB-289306

IBM has issued a security bulletin warning of two vulnerabilities in its AIX operating system that could potentially lead to denial-of-service (DoS) attacks. The affected kernel extensions—perfstat and TCP/IPmpresent risks to systems running on AIX 7.2, AIX 7.3, VIOS 3.1, and VIOS 4.1. The vulnerabilities are tracked under CVE-2024-47102 and CVE-2024-52906, each with a Common […]

The post IBM AIX TCP/IP Vulnerability Lets Attackers Exploit to Launch Denial of Service Attack appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The Apache Software Foundation has issued a security alert regarding a critical vulnerability in Apache HugeGraph-Server. The flaw, identified as CVE-2024-43441, could potentially allow authentication bypass due to an issue with assumed-immutable data in JWT tokens. The vulnerability impacts versions 1.0 to 1.3 of Apache HugeGraph-Server, prior to the release of version 1.5.0. Users running […]

The post Apache Auth-Bypass Vulnerability Lets Attackers Gain Control Over HugeGraph-Server appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.