VULNMAP - Security Vulnerabilities

CVE List - 2024 / December

Showing 2801 - 2900 of 3433 CVEs for December 2024 (Page 29 of 35)

CVE ID Date Title
CVE-2024-12926 2024-12-25 Codezips Project Management System advanced.php sql injection
CVE-2024-12927 2024-12-25 1000 Projects Attendance Tracking Management System check_faculty_login.php sql injection
CVE-2024-12928 2024-12-25 code-projects Simple Admin Panel sql injection
CVE-2024-54907 2024-12-26 TOTOLINK A3002R V4.0.0-B20230531.1404 is vulnerable to Remote Code Execution in...
CVE-2024-56433 2024-12-26 shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid...
CVE-2024-12929 2024-12-26 code-projects Student Management System addCatController.php sql injection
CVE-2024-12930 2024-12-26 code-projects Simple Admin Panel addCatController.php cross site scripting
CVE-2024-12931 2024-12-26 code-projects Simple Admin Panel addCatController.php sql injection
CVE-2024-12932 2024-12-26 code-projects Simple Admin Panel addSizeController.php cross site scripting
CVE-2024-12933 2024-12-26 code-projects Simple Admin Panel updateItemController.php cross site scripting
CVE-2024-12934 2024-12-26 code-projects Simple Admin Panel updateItemController.php sql injection
CVE-2024-12652 2024-12-26 Intumit SmartRobot′s Conversational AI Platform - Improper Control of Generation of Code ('Code Injection')
CVE-2024-12935 2024-12-26 code-projects Simple Admin Panel editItemForm.php sql injection
CVE-2024-12936 2024-12-26 code-projects Simple Admin Panel catDeleteController.php sql injection
CVE-2024-12937 2024-12-26 code-projects Simple Admin Panel addVariationController.php sql injection
CVE-2024-10903 2024-12-26 Broken Link Checker < 2.4.2 - Admin+ SSRF
CVE-2024-11223 2024-12-26 WPForms < 1.9.2.3 - Admin+ Stored XSS
CVE-2024-12938 2024-12-26 code-projects Simple Admin Panel updateOrderStatus.php sql injection
CVE-2024-12939 2024-12-26 code-projects Job Recruitment _all_edits.php add_edu sql injection
CVE-2024-12940 2024-12-26 1000 Projects Attendance Tracking Management System student_action.php sql injection
CVE-2024-12941 2024-12-26 CodeAstro Blood Donor Management System deletedannounce.php sql injection
CVE-2024-12942 2024-12-26 1000 Projects Portfolio Management System MCA admin_login.php sql injection
CVE-2024-12943 2024-12-26 CodeAstro House Rental Management System ownersignup.php sql injection
CVE-2024-12944 2024-12-26 CodeAstro House Rental Management System signin.php sql injection
CVE-2023-7300 2024-12-26 Huawei Home Music System has a path traversal vulnerability. Successful...
CVE-2024-12945 2024-12-26 code-projects Simple Car Rental System account.php sql injection
CVE-2024-12946 2024-12-26 1000 Projects Attendance Tracking Management System admin_action.php sql injection
CVE-2024-12947 2024-12-26 Codezips Hospital Management System invo.php sql injection
CVE-2024-12948 2024-12-26 code-projects Travel Management System detail.php sql injection
CVE-2024-47156 2024-12-26 Information Leak Vulnerability in Honor Product
CVE-2024-47151 2024-12-26 Some Honor products are affected by file writing vulnerability, successful...
CVE-2024-8994 2024-12-26 Some Honor products are affected by information leak vulnerability, successful...
CVE-2024-8993 2024-12-26 Some Honor products are affected by information leak vulnerability, successful...
CVE-2024-8992 2024-12-26 Some Honor products are affected by information leak vulnerability, successful...
CVE-2024-12949 2024-12-26 code-projects Travel Management System package.php sql injection
CVE-2024-47153 2024-12-26 Some Honor products are affected by information leak vulnerability, successful...
CVE-2024-47154 2024-12-26 Some Honor products are affected by information leak vulnerability, successful...
CVE-2024-47155 2024-12-26 Some Honor products are affected by information leak vulnerability, successful...
CVE-2024-47157 2024-12-26 Some Honor products are affected by incorrect privilege assignment vulnerability,...
CVE-2024-12950 2024-12-26 code-projects/projectworlds Travel Management System subcat.php sql injection
CVE-2024-47148 2024-12-26 Some Honor products are affected by incorrect privilege assignment vulnerability,...
CVE-2024-47149 2024-12-26 Some Honor products are affected by incorrect privilege assignment vulnerability,...
CVE-2024-47150 2024-12-26 Some Honor products are affected by information leak vulnerability, successful...
CVE-2024-12951 2024-12-26 1000 Projects Portfolio Management System MCA add_personal_details.php unrestricted upload
CVE-2024-12952 2024-12-26 melMass comfy_mtb Dependency endpoint.py run_command code injection
CVE-2024-12953 2024-12-26 1000 Projects Portfolio Management System MCA update_pd_process.php unrestricted upload
CVE-2024-12954 2024-12-26 1000 Projects Portfolio Management System MCA update_ach.php unrestricted upload
CVE-2024-12955 2024-12-26 PHPGurukul Blood Bank & Donor Management System logout.php cross-site request forgery
CVE-2024-12956 2024-12-26 1000 Projects Portfolio Management System MCA add_achievement_details.php unrestricted upload
CVE-2024-12958 2024-12-26 1000 Projects Portfolio Management System MCA update_pro_details.php sql injection
CVE-2024-12908 2024-12-26 Delinea addressed a reported case on Secret Server v11.7.31 (protocol...
CVE-2024-51540 2024-12-26 Dell ECS, versions prior to 3.8.1.3 contains an arithmetic overflow...
CVE-2024-12959 2024-12-26 1000 Projects Portfolio Management System MCA update_personal_details.php sql injection
CVE-2024-12960 2024-12-26 1000 Projects Portfolio Management System MCA update_edu_details.php sql injection
CVE-2024-12961 2024-12-26 1000 Projects Portfolio Management System MCA update_ach_details.php sql injection
CVE-2024-12962 2024-12-26 code-projects Job Recruitment _all_edits.php sql injection
CVE-2024-12963 2024-12-26 code-projects Job Recruitment _all_edits.php add_xp sql injection
CVE-2024-12964 2024-12-26 1000 Projects Daily College Class Work Report Book login.php sql injection
CVE-2024-12965 2024-12-26 1000 Projects Portfolio Management System MCA update_ex_detail.php sql injection
CVE-2024-56510 2024-12-26 Marp Core allows XSS by improper neutralization of HTML sanitization
CVE-2024-12966 2024-12-26 code-projects Job Recruitment _all_edits.php cn_update sql injection
CVE-2024-45600 2024-12-26 Fields GLPI plugin has an Authenticated SQL Injection
CVE-2024-12967 2024-12-26 code-projects Job Recruitment _all_edits.php fln_update sql injection
CVE-2024-45805 2024-12-26 OpenCTI leaks support information due to inadequate access control
CVE-2024-53850 2024-12-26 The Addressing GLPI plugin allows data enumeration through uncontrolled object instantiation
CVE-2024-55950 2024-12-26 Tabby has a TCC Bypass via Unnecessary Permissive Entitlements in Tabby
CVE-2024-56361 2024-12-26 Stored Cross-Site Scripting (XSS) in lgsl v7.0
CVE-2024-12968 2024-12-26 code-projects Job Recruitment _all_edits.php edit_jobpost sql injection
CVE-2024-12969 2024-12-26 code-projects Hospital Management System Login index.php sql injection
CVE-2024-39025 2024-12-27 Incorrect access control in the /users endpoint of Cpacker MemGPT...
CVE-2024-50713 2024-12-27 SmartAgent v1.1.0 was discovered to contain a SQL injection vulnerability...
CVE-2024-50714 2024-12-27 A Server-Side Request Forgery (SSRF) in smarts-srl.com Smart Agent v.1.1.0...
CVE-2024-50715 2024-12-27 An issue in smarts-srl.com Smart Agent v.1.1.0 allows a remote...
CVE-2024-50716 2024-12-27 SQL injection vulnerability in Smart Agent v.1.1.0 allows a remote...
CVE-2024-50717 2024-12-27 SQL injection vulnerability in Smart Agent v.1.1.0 allows a remote...
CVE-2024-50944 2024-12-27 Integer overflow vulnerability exists in SimplCommerce at commit 230310c8d7a0408569b292c5a805c459d47a1d8f in...
CVE-2024-53476 2024-12-27 A race condition vulnerability in SimplCommerce at commit 230310c8d7a0408569b292c5a805c459d47a1d8f allows...
CVE-2024-54450 2024-12-27 An issue was discovered in Kurmi Provisioning Suite 7.9.0.33. If...
CVE-2024-54451 2024-12-27 A cross-site scripting (XSS) vulnerability in the graphicCustomization.do page in...
CVE-2024-54452 2024-12-27 An issue was discovered in Kurmi Provisioning Suite before 7.9.0.35...
CVE-2024-54453 2024-12-27 An issue was discovered in Kurmi Provisioning Suite before 7.9.0.35,...
CVE-2024-54454 2024-12-27 An issue was discovered in Kurmi Provisioning Suite before 7.9.0.35,...
CVE-2024-54774 2024-12-27 Dcat Admin v2.2.0-beta contains a cross-site scripting (XSS) vulnerability in...
CVE-2024-54775 2024-12-27 Dcat-Admin v2.2.0-beta and v2.2.2-beta contains a Cross-Site Scripting (XSS) vulnerability...
CVE-2024-56519 2024-12-27 An issue was discovered in TCPDF before 6.8.0. setSVGStyles does...
CVE-2024-56520 2024-12-27 An issue was discovered in tc-lib-pdf-font before 2.6.4, as used...
CVE-2024-56522 2024-12-27 An issue was discovered in TCPDF before 6.8.0. unserializeTCPDFtag uses...
CVE-2024-50945 2024-12-27 An improper access control vulnerability exists in SimplCommerce at commit...
CVE-2024-56521 2024-12-27 An issue was discovered in TCPDF before 6.8.0. If libcurl...
CVE-2024-56527 2024-12-27 An issue was discovered in TCPDF before 6.8.0. The Error...
CVE-2024-12976 2024-12-27 CodeZips Hospital Management System staff.php sql injection
CVE-2024-12977 2024-12-27 PHPGurukul Complaint Management System state.php sql injection
CVE-2024-9774 2024-12-27 Python-sql: python-sql unary operators does not escape non-expression
CVE-2024-12978 2024-12-27 code-projects Job Recruitment _all_edits.php add_req sql injection
CVE-2024-12979 2024-12-27 code-projects Job Recruitment _all_edits.php cn_update cross site scripting
CVE-2024-12980 2024-12-27 code-projects Job Recruitment _all_edits.php fln_update cross site scripting
CVE-2024-12981 2024-12-27 CodeAstro Car Rental System bookingconfirm.php sql injection
CVE-2024-11605 2024-12-27 WP Publications <= 1.2 - Admin+ Stored XSS
CVE-2024-11644 2024-12-27 WP-SVG <= 0.9 - Contributor+ Stored XSS via Shortcode
CVE-2024-11645 2024-12-27 Float Block <= 1.7 - Admin+ Stored XSS via Widget