NA - CVE-2024-36265 - ** UNSUPPORTED WHEN ASSIGNED ** Incorrect...
** UNSUPPORTED WHEN ASSIGNED ** Incorrect Authorization vulnerability in Apache Submarine Server Core. This issue affects Apache Submarine Server Core: from 0.8.0. As this project is retired, we...
NA - CVE-2024-36691 - Insecure permissions in the...
Insecure permissions in the AdminController.AjaxSave() method of PPGo_Jobs v2.8.0 allows authenticated attackers to arbitrarily modify users' account information.
NA - CVE-2024-36840 - SQL Injection vulnerability in Boelter Blue...
SQL Injection vulnerability in Boelter Blue System Management v.1.3 allows a remote attacker to execute arbitrary code and obtain sensitive information via the id parameter to news_details.php and...
NA - CVE-2024-37297 - WooCommerce is an open-source e-commerce...
WooCommerce is an open-source e-commerce platform built on WordPress. A vulnerability introduced in WooCommerce 8.8 allows for cross-site scripting. A bad actor can manipulate a link to include...
NA - CVE-2024-37304 - NuGet Gallery is a package repository that...
NuGet Gallery is a package repository that powers nuget.org. The NuGetGallery has a security vulnerability related to its handling of autolinks in Markdown content. While the platform properly...
NA - CVE-2024-5893 - A vulnerability classified as critical has been...
A vulnerability classified as critical has been found in SourceCodester Cab Management System 1.0. This affects an unknown part of the file /cms/classes/Users.php?f=delete_client. The manipulation...
NA - CVE-2024-5894 - A vulnerability classified as critical was...
A vulnerability classified as critical was found in SourceCodester Online Eyewear Shop 1.0. This vulnerability affects unknown code of the file manage_product.php. The manipulation of the argument...
NA - CVE-2024-5895 - A vulnerability, which was classified as...
A vulnerability, which was classified as critical, has been found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0. This issue affects the function delete_users of the file...
NA - CVE-2024-1891 - A stored cross site scripting vulnerability...
A stored cross site scripting vulnerability exists in Tenable Security Center where an authenticated, remote attacker could inject HTML code into a web application scan result page.