Search Results (26961 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-43772 2 Easytest, Huaju 2 Easytest Online Test Platform, Easytest Online Learning Test Platform 2024-09-04 9.8 Critical
SQL Injection in download student learning course function of Easytest Online Test Platform ver.24E01 and earlier allow remote attackers to execute arbitrary SQL commands via the uid parameter.
CVE-2024-42568 1 Arajajyothibabu 1 School Management System 2024-09-03 9.8 Critical
School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the transport parameter at vehicle.php.
CVE-2024-45435 2 Chartist, Chartistjs 2 Chartist, Chartist 2024-09-03 9.8 Critical
Chartist 1.x through 1.3.0 allows Prototype Pollution via the extend function.
CVE-2024-6118 1 Hamastar 1 Meetinghub Paperless Meetings 2024-08-30 9.1 Critical
A Plaintext Storage of a Password vulnerability in ebooknote function in Hamastar MeetingHub Paperless Meetings 2021 allows remote attackers to obtain the other users’ credentials and gain access to the product via an XML file.
CVE-2024-6117 1 Hamastar 1 Meetinghub Paperless Meetings 2024-08-30 8.8 High
A Unrestricted upload of file with dangerous type vulnerability in meeting management function in Hamastar MeetingHub Paperless Meetings 2021 allows remote authenticated users to perform arbitrary system commands via a crafted ASP file.
CVE-2024-45436 1 Ollama 1 Ollama 2024-08-30 9.1 Critical
extractFromZipFile in model.go in Ollama before 0.1.47 can extract members of a ZIP archive outside of the parent directory.
CVE-2024-29723 1 Sportsnet 2 Sportsnet, Sportsnetcms 2024-08-30 9.8 Critical
SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/conexiones/ax/openTracExt/, parameter categoria;.
CVE-2024-29724 1 Sportsnet 2 Sportsnet, Sportsnetcms 2024-08-30 9.8 Critical
SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/ax/registerSp/, parameter idDesafio.
CVE-2024-29725 1 Sportsnet 2 Sportsnet, Sportsnetcms 2024-08-30 9.8 Critical
SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/sort_bloques/, parameter list.
CVE-2024-29728 1 Sportsnet 2 Sportsnet, Sportsnetcms 2024-08-30 9.8 Critical
SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/inscribeUsuario/ , parameter idDesafio.
CVE-2024-29729 1 Sportsnet 2 Sportsnet, Sportsnetcms 2024-08-30 9.8 Critical
SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/generateShortURL/, parameter url.
CVE-2024-29731 1 Sportsnet 2 Sportsnet, Sportsnetcms 2024-08-30 9.8 Critical
SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query:  https://XXXXXXX.saludydesafio.com/app/ax/checkBlindFields/ , parameters idChallenge and idEmpresa.
CVE-2024-29727 1 Sportsnet 2 Sportsnet, Sportsnetcms 2024-08-30 9.8 Critical
SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/sendParticipationRemember/ , parameter send.
CVE-2024-6202 1 Haloservicesolutions 1 Haloitsm 2024-08-29 9.8 Critical
HaloITSM versions up to 2.146.1 are affected by a SAML XML Signature Wrapping (XSW) vulnerability. When having a SAML integration configured, anonymous actors could impersonate arbitrary HaloITSM users by just knowing their email address. HaloITSM versions past 2.146.1 (and patches starting from 2.143.61 ) fix the mentioned vulnerability.
CVE-2024-43111 1 Mozilla 2 Firefox, Firefox For Ios 2024-08-29 9.8 Critical
Long pressing on a download link could potentially allow Javascript commands to be executed within the browser This vulnerability affects Firefox for iOS < 129.
CVE-2024-42467 1 Openhab 2 Openhab Web Interface, Openhab Webui 2024-08-29 10 Critical
openHAB, a provider of open-source home automation software, has add-ons including the visualization add-on CometVisu. Prior to version 4.2.1, the proxy endpoint of openHAB's CometVisu add-on can be accessed without authentication. This proxy-feature can be exploited as Server-Side Request Forgery (SSRF) to induce GET HTTP requests to internal-only servers, in case openHAB is exposed in a non-private network. Furthermore, this proxy-feature can also be exploited as a Cross-Site Scripting (XSS) vulnerability, as an attacker is able to re-route a request to their server and return a page with malicious JavaScript code. Since the browser receives this data directly from the openHAB CometVisu UI, this JavaScript code will be executed with the origin of the CometVisu UI. This allows an attacker to exploit call endpoints on an openHAB server even if the openHAB server is located in a private network. (e.g. by sending an openHAB admin a link that proxies malicious JavaScript.) This issue may lead up to Remote Code Execution (RCE) when chained with other vulnerabilities. Users should upgrade to version 4.2.1 of the CometVisu add-on of openHAB to receive a patch.
CVE-2024-42167 1 Fiware 1 Keyrock 2024-08-29 9.1 Critical
The function "generate_app_certificates" in controllers/saml2/saml2.js of FIWARE Keyrock <= 8.4 does not neutralize special elements used in an OS Command properly. This allows an authenticated user with permissions to create applications to execute commands by creating an application with a malicious organisationname.
CVE-2024-42166 1 Fiware 1 Keyrock 2024-08-29 9.1 Critical
The function "generate_app_certificates" in lib/app_certificates.js of FIWARE Keyrock <= 8.4 does not neutralize special elements used in an OS Command properly. This allows an authenticated user with permissions to create applications to execute commands by creating an application with a malicious name.
CVE-2024-42366 1 Vrcx-team 1 Vrcx 2024-08-29 9.1 Critical
VRCX is an assistant/companion application for VRChat. In versions prior to 2024.03.23, a CefSharp browser with over-permission and cross-site scripting via overlay notification can be combined to result in remote command execution. These vulnerabilities are patched in VRCX 2023.12.24. In addition to the patch, VRCX maintainers worked with the VRC team and blocked the older version of VRCX on the VRC's API side. Users who use the older version of VRCX must update their installation to continue using VRCX.
CVE-2024-41570 2 C5pider, Havocframework 2 Havoc, Havoc 2024-08-29 9.8 Critical
An Unauthenticated Server-Side Request Forgery (SSRF) in demon callback handling in Havoc 2 0.7 allows attackers to send arbitrary network traffic originating from the team server.