Alerts | HunCERT group

9 Dec 2024

NA - CVE-2024-54919 - A Stored Cross Site Scripting (XSS ) was found...

A Stored Cross Site Scripting (XSS ) was found in /teacher_avatar.php of kashipara E-learning Management System v1.0. This vulnerability allows remote attackers to execute arbitrary java script via...

security-database.com

9 Dec 2024

NA - CVE-2024-54920 - A SQL Injection vulnerability was found in...

A SQL Injection vulnerability was found in /teacher_signup.php of kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL command to get unauthorized...

security-database.com

9 Dec 2024

NA - CVE-2022-38947 - SQL Injection vulnerability in...

SQL Injection vulnerability in Flipkart-Clone-PHP version 1.0 in entry.php in product_title parameter, allows attackers to execute arbitrary code.

security-database.com

9 Dec 2024

NA - CVE-2024-40582 - Pentaminds CuroVMS v2.0.1 was discovered to...

Pentaminds CuroVMS v2.0.1 was discovered to contain exposed sensitive information.

security-database.com

9 Dec 2024

NA - CVE-2024-40583 - Pentaminds CuroVMS v2.0.1 was discovered to...

Pentaminds CuroVMS v2.0.1 was discovered to contain exposed credentials.

security-database.com

9 Dec 2024

NA - CVE-2022-38946 - Arbitrary File Upload vulnerability in...

Arbitrary File Upload vulnerability in Doctor-Appointment version 1.0 in /Frontend/signup_com.php, allows attackers to execute arbitrary code.

security-database.com

9 Dec 2024

NA - CVE-2023-43962 - Cross Site Scripting vulnerability in Xunrui...

Cross Site Scripting vulnerability in Xunrui CMS Public Edition v.4.6.1 allows a remote attacker to execute arbitrary code via the project name function in the project settings tab.

security-database.com

9 Dec 2024

NA - CVE-2024-45760 - Dell OpenManage Server Administrator, versions...

Dell OpenManage Server Administrator, versions 11.0.1.0 and prior, contains an improper access control vulnerability. A remote low privileged user could potentially exploit this vulnerability via...

security-database.com

9 Dec 2024

NA - CVE-2024-45761 - Dell OpenManage Server Administrator, versions...

Dell OpenManage Server Administrator, versions 11.0.1.0 and prior, contains an improper input validation vulnerability. A remote low-privileged malicious user could potentially exploit this...

security-database.com

9 Dec 2024

NA - CVE-2024-53450 - RAGFlow 0.13.0 suffers from improper access...

RAGFlow 0.13.0 suffers from improper access control in document-hooks.ts, allowing unauthorized access to user documents.

security-database.com

Phone:	+36 1 279 6222 9am to 4pm
E-mail:	@email
Address:	H-1111 Budapest, Kende u. 13-17.