Submit #469452: Portfolio Management System MCA Project using PHP and MySQL V1.0 SQL Injection [Accepted]
Submit #469452 / VDB-289664
Aggregator
CVE-2024-13002 | 1000 Projects Bookstore Management System 1.0 /order_process.php fnm sql injection
8 months 2 weeks ago
A vulnerability was found in 1000 Projects Bookstore Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /order_process.php. The manipulation of the argument fnm leads to sql injection.
This vulnerability is known as CVE-2024-13002. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2024-13001 | PHPGurukul Small CRM 1.0 /admin/index.php email sql injection
8 months 2 weeks ago
A vulnerability was found in PHPGurukul Small CRM 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/index.php. The manipulation of the argument email leads to sql injection.
This vulnerability is traded as CVE-2024-13001. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2024-13000 | PHPGurukul Small CRM 1.0 /admin/quote-details.php id sql injection
8 months 2 weeks ago
A vulnerability was found in PHPGurukul Small CRM 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/quote-details.php. The manipulation of the argument id leads to sql injection.
The identification of this vulnerability is CVE-2024-13000. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2024-12999 | PHPGurukul Small CRM 1.0 /admin/edit-user.php id sql injection
8 months 2 weeks ago
A vulnerability has been found in PHPGurukul Small CRM 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/edit-user.php. The manipulation of the argument id leads to sql injection.
This vulnerability was named CVE-2024-12999. The attack can be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2011-0642 | Network-13 N-13 News 3.7 news/admin.php cross-site request forgery (EDB-16013 / XFDB-64824)
8 months 2 weeks ago
A vulnerability, which was classified as problematic, has been found in Network-13 N-13 News 3.7. Affected by this issue is some unknown functionality of the file news/admin.php. The manipulation leads to cross-site request forgery.
This vulnerability is handled as CVE-2011-0642. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com
Submit #469394: Bookstore Management System (PHP & MySQL) V1.0 SQL Injection [Accepted]
8 months 2 weeks ago
Submit #469394 / VDB-289663
writerke
Submit #469319: PHPGurukul Small CRM in PHP 1.0.00 SQL Injection [Duplicate]
8 months 2 weeks ago
Submit #469319 / VDB-249358
Fergod
Submit #469317: phpgurukul Small CRM in PHP 1 SQL Injection [Accepted]
8 months 2 weeks ago
Submit #469317 / VDB-289662
Havook
Submit #469312: phpgurukul Small CRM in PHP 1.0.0 SQL Injection [Accepted]
8 months 2 weeks ago
Submit #469312 / VDB-289661
Havook
Submit #469311: PHPGurukul Small CRM in PHP 1.0 SQL Injection [Accepted]
8 months 2 weeks ago
Submit #469311 / VDB-289660
Fergod
CVE-2024-12998 | code-projects Online Car Rental System 1.0 GET Parameter /index.php cross site scripting
8 months 2 weeks ago
A vulnerability, which was classified as problematic, was found in code-projects Online Car Rental System 1.0. This affects an unknown part of the file /index.php of the component GET Parameter Handler. The manipulation leads to cross site scripting.
This vulnerability is uniquely identified as CVE-2024-12998. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com
Submit #469216: code-projects ONLINE CAR RENTAL SYSTEM 1.0 Cross Site Scripting [Accepted]
8 months 2 weeks ago
Submit #469216 / VDB-289659
Havook
CVE-2024-56512 | Apache NiFi up to 2.0.0 New Process Group improper authorization
8 months 2 weeks ago
A vulnerability, which was classified as critical, has been found in Apache NiFi up to 2.0.0. Affected by this issue is some unknown functionality of the component New Process Group Handler. The manipulation leads to improper authorization.
This vulnerability is handled as CVE-2024-56512. Access to the local network is required for this attack. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-54775 | Dcat Admin 2.2.0-beta/2.2.2-beta /admin/auth/men cross site scripting
8 months 2 weeks ago
A vulnerability classified as problematic was found in Dcat Admin 2.2.0-beta/2.2.2-beta. Affected by this vulnerability is an unknown functionality of the file /admin/auth/men. The manipulation leads to cross site scripting.
This vulnerability is known as CVE-2024-54775. The attack can be launched remotely. There is no exploit available.
vuldb.com
CVE-2024-54774 | Dcat Admin 2.2.0-beta /admin/articles/create cross site scripting
8 months 2 weeks ago
A vulnerability classified as problematic has been found in Dcat Admin 2.2.0-beta. Affected is an unknown function of the file /admin/articles/create. The manipulation leads to cross site scripting.
This vulnerability is traded as CVE-2024-54774. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com
CVE-2021-37000 | Huawei HarmonyOS 2.0 credentials management
8 months 2 weeks ago
A vulnerability was found in Huawei HarmonyOS 2.0. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to credentials management.
The identification of this vulnerability is CVE-2021-37000. The attack needs to be approached locally. There is no exploit available.
vuldb.com
CVE-2024-43705 | Imagination Technologies Graphics DDK up to 24.2 RTM2 GPU Kernel Driver insufficient permissions or privileges
8 months 2 weeks ago
A vulnerability was found in Imagination Technologies Graphics DDK up to 24.2 RTM2. It has been declared as problematic. This vulnerability affects unknown code of the component GPU Kernel Driver. The manipulation leads to improper handling of insufficient permissions or privileges.
This vulnerability was named CVE-2024-43705. The attack can only be done within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-46973 | Imagination Technologies Graphics DDK up to 24.2 RTM2 GPU System Call use after free
8 months 2 weeks ago
A vulnerability was found in Imagination Technologies Graphics DDK up to 24.2 RTM2. It has been classified as critical. This affects an unknown part of the component GPU System Call Handler. The manipulation leads to use after free.
This vulnerability is uniquely identified as CVE-2024-46973. Attacking locally is a requirement. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-46972 | Imagination Technologies Graphics DDK 24.1 RTM GPU System Call reference count
8 months 2 weeks ago
A vulnerability was found in Imagination Technologies Graphics DDK 24.1 RTM and classified as critical. Affected by this issue is some unknown functionality of the component GPU System Call Handler. The manipulation leads to improper update of reference count.
This vulnerability is handled as CVE-2024-46972. Access to the local network is required for this attack to succeed. There is no exploit available.
vuldb.com