๐จ CVE-2024-7748
A vulnerability, which was classified as critical, has been found in SourceCodester Accounts Manager App 1.0. This issue affects some unknown processing of the file /endpoint/delete-account.php. The manipulation of the argument account leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
๐@cveNotify
A vulnerability, which was classified as critical, has been found in SourceCodester Accounts Manager App 1.0. This issue affects some unknown processing of the file /endpoint/delete-account.php. The manipulation of the argument account leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
๐@cveNotify
GitHub
webray.com.cn/Accounts-Manager-App/Accounts-Manager-Appsql.md at main ยท joinia/webray.com.cn
Contribute to joinia/webray.com.cn development by creating an account on GitHub.
๐จ CVE-2024-7749
A vulnerability, which was classified as problematic, was found in SourceCodester Accounts Manager App 1.0. Affected is an unknown function of the file /endpoint/add-account.php. The manipulation of the argument account_name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
๐@cveNotify
A vulnerability, which was classified as problematic, was found in SourceCodester Accounts Manager App 1.0. Affected is an unknown function of the file /endpoint/add-account.php. The manipulation of the argument account_name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
๐@cveNotify
GitHub
webray.com.cn/Accounts-Manager-App/Accounts-Manager-Appxss.md at main ยท joinia/webray.com.cn
Contribute to joinia/webray.com.cn development by creating an account on GitHub.
๐จ CVE-2024-38164
An improper access control vulnerability in GroupMe allows an a unauthenticated attacker to elevate privileges over a network by convincing a user to click on a malicious link.
๐@cveNotify
An improper access control vulnerability in GroupMe allows an a unauthenticated attacker to elevate privileges over a network by convincing a user to click on a malicious link.
๐@cveNotify
๐จ CVE-2024-38176
An improper restriction of excessive authentication attempts in GroupMe allows a unauthenticated attacker to elevate privileges over a network.
๐@cveNotify
An improper restriction of excessive authentication attempts in GroupMe allows a unauthenticated attacker to elevate privileges over a network.
๐@cveNotify
๐จ CVE-2024-38182
Weak authentication in Microsoft Dynamics 365 allows an unauthenticated attacker to elevate privileges over a network.
๐@cveNotify
Weak authentication in Microsoft Dynamics 365 allows an unauthenticated attacker to elevate privileges over a network.
๐@cveNotify
๐จ CVE-2024-28986
SolarWinds Web Help Desk was susceptible to a Java Deserialization Remote Code Execution that would allow access to run commands on the host machine.
๐@cveNotify
SolarWinds Web Help Desk was susceptible to a Java Deserialization Remote Code Execution that would allow access to run commands on the host machine.
๐@cveNotify
๐จ CVE-2024-7750
A vulnerability has been found in SourceCodester Clinics Patient Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /medicines.php. The manipulation of the argument medicine_name leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
๐@cveNotify
A vulnerability has been found in SourceCodester Clinics Patient Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /medicines.php. The manipulation of the argument medicine_name leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
๐@cveNotify
GitHub
cve/Clinic's_sql.md at main ยท Wsstiger/cve
Contribute to Wsstiger/cve development by creating an account on GitHub.
๐จ CVE-2024-7751
A vulnerability was found in SourceCodester Clinics Patient Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /update_medicine.php. The manipulation of the argument hidden_id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
๐@cveNotify
A vulnerability was found in SourceCodester Clinics Patient Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /update_medicine.php. The manipulation of the argument hidden_id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
๐@cveNotify
GitHub
cve/Clinic's_sql2.md at main ยท Wsstiger/cve
Contribute to Wsstiger/cve development by creating an account on GitHub.
๐จ CVE-2024-38166
An unauthenticated attacker can exploit improper neutralization of input during web page generation in Microsoft Dynamics 365 to spoof over a network by tricking a user to click on a link.
๐@cveNotify
An unauthenticated attacker can exploit improper neutralization of input during web page generation in Microsoft Dynamics 365 to spoof over a network by tricking a user to click on a link.
๐@cveNotify
๐จ CVE-2024-38206
An authenticated attacker can bypass Server-Side Request Forgery (SSRF) protection in Microsoft Copilot Studio to leak sensitive information over a network.
๐@cveNotify
An authenticated attacker can bypass Server-Side Request Forgery (SSRF) protection in Microsoft Copilot Studio to leak sensitive information over a network.
๐@cveNotify
๐จ CVE-2024-38109
An authenticated attacker can exploit an Server-Side Request Forgery (SSRF) vulnerability in Microsoft Azure Health Bot to elevate privileges over a network.
๐@cveNotify
An authenticated attacker can exploit an Server-Side Request Forgery (SSRF) vulnerability in Microsoft Azure Health Bot to elevate privileges over a network.
๐@cveNotify
๐จ CVE-2024-28986
SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine.
While it was reported as an unauthenticated vulnerability, SolarWinds has been unable to reproduce it without authentication after thorough testing.
However, out of an abundance of caution, we recommend all Web Help Desk customers apply the patch, which is now available.
๐@cveNotify
SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine.
While it was reported as an unauthenticated vulnerability, SolarWinds has been unable to reproduce it without authentication after thorough testing.
However, out of an abundance of caution, we recommend all Web Help Desk customers apply the patch, which is now available.
๐@cveNotify
๐จ CVE-2024-7752
A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /update_medicine.php. The manipulation of the argument medicine_name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
๐@cveNotify
A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /update_medicine.php. The manipulation of the argument medicine_name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
๐@cveNotify
GitHub
cve/Clinic's_xss.md at main ยท Wsstiger/cve
Contribute to Wsstiger/cve development by creating an account on GitHub.
๐จ CVE-2024-38107
Windows Power Dependency Coordinator Elevation of Privilege Vulnerability
๐@cveNotify
Windows Power Dependency Coordinator Elevation of Privilege Vulnerability
๐@cveNotify
๐จ CVE-2024-38193
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
๐@cveNotify
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
๐@cveNotify
๐จ CVE-2024-7753
A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /user_images/. The manipulation leads to direct request. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
๐@cveNotify
A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /user_images/. The manipulation leads to direct request. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
๐@cveNotify
GitHub
cve/Clinic's_Directory.md at main ยท Wsstiger/cve
Contribute to Wsstiger/cve development by creating an account on GitHub.