Aggregator

CVE-2024-9317 | SourceCodester Online Eyewear Shop 1.0 Master.php delete_category id sql injection

VulDB Recent Entries
4 months 4 weeks ago
A vulnerability classified as critical was found in SourceCodester Online Eyewear Shop 1.0. Affected by this vulnerability is the function delete_category of the file /classes/Master.php?f=delete_category. The manipulation of the argument id leads to sql injection. This vulnerability is known as CVE-2024-9317. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2024-9316 | code-projects Blood Bank Management System 1.0 B+.php Bloodname sql injection

VulDB Recent Entries
4 months 4 weeks ago
A vulnerability classified as critical has been found in code-projects Blood Bank Management System 1.0. Affected is an unknown function of the file /admin/blood/update/B+.php. The manipulation of the argument Bloodname leads to sql injection. This vulnerability is traded as CVE-2024-9316. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2024-9315 | SourceCodester Employee and Visitor Gate Pass Logging System 1.0 manage_department.php id sql injection

VulDB Recent Entries
4 months 4 weeks ago
A vulnerability was found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/maintenance/manage_department.php. The manipulation of the argument id leads to sql injection. The identification of this vulnerability is CVE-2024-9315. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2024-8927 | PHP up to 8.1.29/8.2.23/8.3.11 cgi.force_redirect access control

VulDB Recent Entries
4 months 4 weeks ago
A vulnerability was found in PHP up to 8.1.29/8.2.23/8.3.11 and classified as critical. Affected by this issue is some unknown functionality of the component cgi.force_redirect Handler. The manipulation leads to improper access controls. This vulnerability is handled as CVE-2024-8927. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-8926 | PHP up to 8.1.29/8.2.23/8.3.11 Privilege Escalation

VulDB Recent Entries
4 months 4 weeks ago
A vulnerability has been found in PHP up to 8.1.29/8.2.23/8.3.11 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to Privilege Escalation. This vulnerability is known as CVE-2024-8926. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-47186 | filamentphp filament up to 3.2.114 ColorColumn/ColumnEntry cross site scripting (GHSA-9h9q-qhxg-89xr)

VulDB Recent Entries
4 months 4 weeks ago
A vulnerability, which was classified as problematic, has been found in filamentphp filament up to 3.2.114. This issue affects some unknown processing. The manipulation of the argument ColorColumn/ColumnEntry leads to cross site scripting. The identification of this vulnerability is CVE-2024-47186. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-38796 | TianoCore EDK2 up to edk2-stable202405 PeCoffLoaderRelocateImage heap-based overflow (GHSA-xpcr-7hjq-m6qm)

VulDB Recent Entries
4 months 4 weeks ago
A vulnerability classified as critical has been found in TianoCore EDK2 up to edk2-stable202405. This affects the function PeCoffLoaderRelocateImage. The manipulation leads to heap-based buffer overflow. This vulnerability is uniquely identified as CVE-2024-38796. The attack can only be done within the local network. There is no exploit available.
vuldb.com

专家解读 | 制度与产业共行,发展与安全并重——以终端设备直连卫星服务赋能新质生产力发展

中国信息安全
4 months 4 weeks ago
伴随着终端设备直连卫星产品和服务加快普及,技术滥用风险也同时对传统网络管理方式带来新挑战,由此带来的网络安全风险、数据安全风险、个人信息保护风险和电信网络诈骗风险等不容忽视,迫切需要统筹高质量发展和高水平安全,设置好“红绿灯”。

Managed ad