NA - CVE-2024-50835 - A SQL Injection vulnerability was found in...
A SQL Injection vulnerability was found in /admin/edit_student.php in KASHIPARA E-learning Management System Project 1.0 via the cys, un, ln, fn, and id parameters.
NA - CVE-2024-50836 - A Stored Cross-Site Scripting (XSS)...
A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/teachers.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute...
NA - CVE-2024-6068 - A memory corruption vulnerability exists in the...
A memory corruption vulnerability exists in the affected products when parsing DFT files. Local threat actors can exploit this issue to disclose information and to execute arbitrary code. To...
NA - CVE-2024-1682 - An unclaimed Amazon S3 bucket,...
An unclaimed Amazon S3 bucket, 'codeconf', is referenced in an audio file link within the .rst documentation file. This bucket has been claimed by an external party. The use of this...
NA - CVE-2024-3379 - In lunary-ai/lunary versions 1.2.2 through...
In lunary-ai/lunary versions 1.2.2 through 1.2.6, an incorrect authorization vulnerability allows unprivileged users to re-generate the private key for projects they do not have access to....
NA - CVE-2024-3501 - In lunary-ai/lunary versions up to and...
In lunary-ai/lunary versions up to and including 1.2.5, an information disclosure vulnerability exists due to the inclusion of single-use tokens in the responses of `GET /v1/users/me` and `GET...
NA - CVE-2024-3502 - In lunary-ai/lunary versions up to and...
In lunary-ai/lunary versions up to and including 1.2.5, an information disclosure vulnerability exists where account recovery hashes of users are inadvertently exposed to unauthorized actors. This...
NA - CVE-2024-48284 - A Reflected Cross-Site Scripting (XSS)...
A Reflected Cross-Site Scripting (XSS) vulnerability was found in the /search-result.php page of the PHPGurukul User Registration & Login and User Management System 3.2. This vulnerability allows...