NA - CVE-2025-0172 - A vulnerability has been found in code-projects...
A vulnerability has been found in code-projects Chat System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/deleteroom.php. The...
NA - CVE-2024-11716 - While assignment of a user to a team (bracket)...
While assignment of a user to a team (bracket) in CTFd should be possible only once, at the registration, a flaw in logic implementation allows an authenticated user to reset it's bracket and...
NA - CVE-2024-11717 - Tokens in CTFd used for account activation and...
Tokens in CTFd used for account activation and password resetting can be used interchangeably for these operations. When used, they are sent to the server as a GET parameter and they are not single...
NA - CVE-2024-56199 - phpMyFAQ is an open source FAQ web application....
phpMyFAQ is an open source FAQ web application. Starting no later than version 3.2.10 and prior to version 4.0.2, an attacker can inject malicious HTML content into the FAQ editor at...
NA - CVE-2025-0173 - A vulnerability was found in SourceCodester...
A vulnerability was found in SourceCodester Online Eyewear Shop 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /orders/view_order.php. The...
NA - CVE-2024-48197 - Cross Site Scripting vulnerability in...
Cross Site Scripting vulnerability in Audiocodes MP-202b v.4.4.3 allows a remote attacker to escalate privileges via the login page of the web interface.
Medium - CVE-2024-8447 - A security issue was discovered in the LRA...
A security issue was discovered in the LRA Coordinator component of Narayana. When Cancel is called in LRA, an execution time of approximately 2 seconds occurs. If Join is called with the same LRA...