Skip to main content
CVE-2023-51071 MEDIUM POC This Month

An access control issue in QStar Archive Solutions Release RELEASE_3-0 Build 7 Patch 0 allows unauthenticated attackers to arbitrarily disable the SMB service on a victim's Qstar instance by. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Archive Storage Manager
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2023-51805 MEDIUM POC This Month

SQL Injection vulnerability in TDuckCLoud tduck-platform v.4.0 allows a remote attacker to obtain sensitive information via the getFormKey parameter in the search function of. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Java SQLi Tduck Platform
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2023-50072 MEDIUM POC This Month

A Stored Cross-Site Scripting (XSS) vulnerability exists in OpenKM version 7.1.40 (dbb6e88) With Professional Extension that allows an authenticated user to upload a note on a file which acts as a. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Openkm
NVD GitHub
CVSS 3.1
5.4
EPSS
3.7%
CVE-2023-51067 MEDIUM POC This Month

An unauthenticated reflected cross-site scripting (XSS) vulnerability in QStar Archive Solutions Release RELEASE_3-0 Build 7 allows attackers to execute arbitrary javascript on a victim's browser via. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Archive Storage Manager
NVD GitHub
CVSS 3.1
6.1
EPSS
0.2%
CVE-2023-51064 MEDIUM POC This Month

QStar Archive Solutions Release RELEASE_3-0 Build 7 Patch 0 was discovered to contain a DOM Based reflected XSS vulnerability within the component qnme-ajax?method=tree_table. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Archive Storage Manager
NVD GitHub
CVSS 3.1
6.1
EPSS
0.1%
CVE-2023-51068 MEDIUM POC This Month

An authenticated reflected cross-site scripting (XSS) vulnerability in QStar Archive Solutions Release RELEASE_3-0 Build 7 allows attackers to execute arbitrary javascript on a victim's browser via a. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Archive Storage Manager
NVD GitHub
CVSS 3.1
5.4
EPSS
0.2%
CVE-2023-51062 MEDIUM POC This Month

An unauthenticated log file read in the component log-smblog-save of QStar Archive Solutions RELEASE_3-0 Build 7 Patch 0 allows attackers to disclose the SMB Log contents via executing a crafted. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Archive Storage Manager
NVD GitHub
CVSS 3.1
5.3
EPSS
0.1%
CVE-2024-22137 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MailMunch Constant Contact Forms by MailMunch allows Stored XSS.0.11. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2024-0251 MEDIUM This Month

The Advanced Woo Search plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the search parameter in all versions up to, and including, 2.96 due to insufficient input sanitization. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS WordPress
NVD VulDB
CVSS 3.1
6.1
EPSS
0.3%
CVE-2024-0505 MEDIUM POC This Month

A vulnerability was found in ZhongFuCheng3y Austin 1.0 and classified as critical.java of the component Upload Material Menu. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

File Upload Java Austin
NVD GitHub VulDB
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-0502 MEDIUM POC Monitor

A vulnerability was found in SourceCodester House Rental Management System 1.0 and classified as critical. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi House Rental Management System
NVD VulDB
CVSS 3.1
4.7
EPSS
0.1%
CVE-2024-0498 MEDIUM This Month

A vulnerability was found in Project Worlds Lawyer Management System 1.0. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP SQLi Online Lawyer Management System
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.1%
CVE-2024-0497 MEDIUM This Month

A vulnerability was found in Campcodes Student Information System 1.0. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP SQLi Simple Student Information System
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.1%
CVE-2024-0496 MEDIUM This Month

A vulnerability was found in Kashipara Billing Software 1.0 and classified as critical.php of the component HTTP POST Request Handler. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP SQLi Billing Software
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.1%
CVE-2024-0495 MEDIUM This Month

A vulnerability has been found in Kashipara Billing Software 1.0 and classified as critical. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP SQLi Billing Software
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.1%
CVE-2024-0494 MEDIUM This Month

A vulnerability, which was classified as critical, was found in Kashipara Billing Software 1.0. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP SQLi Billing Software
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.1%
CVE-2024-0493 MEDIUM This Month

A vulnerability, which was classified as critical, has been found in Kashipara Billing Software 1.0. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP SQLi Billing Software
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.1%
CVE-2024-0492 MEDIUM This Month

A vulnerability classified as critical was found in Kashipara Billing Software 1.0. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP SQLi Billing Software
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.1%
CVE-2024-0491 MEDIUM This Month

A vulnerability classified as problematic has been found in Huaxia ERP up to 3.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Information Disclosure Huaxia Erp
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.1%
CVE-2024-0490 MEDIUM This Month

A vulnerability was found in Huaxia ERP up to 3.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Huaxia Erp
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.1%
CVE-2024-0489 MEDIUM This Month

A vulnerability was found in code-projects Fighting Cock Information System 1.0. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP SQLi Fighting Cock Information System
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.1%
CVE-2024-0488 MEDIUM This Month

A vulnerability was found in code-projects Fighting Cock Information System 1.0. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP SQLi Fighting Cock Information System
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.1%
CVE-2024-0487 MEDIUM This Month

A vulnerability was found in code-projects Fighting Cock Information System 1.0 and classified as critical. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP SQLi Fighting Cock Information System
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.1%
CVE-2024-0486 MEDIUM This Month

A vulnerability has been found in code-projects Fighting Cock Information System 1.0 and classified as critical. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP SQLi Fighting Cock Information System
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.1%
CVE-2024-0485 MEDIUM This Month

A vulnerability, which was classified as critical, was found in code-projects Fighting Cock Information System 1.0. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP SQLi Fighting Cock Information System
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.1%
CVE-2024-0484 MEDIUM This Month

A vulnerability, which was classified as critical, has been found in code-projects Fighting Cock Information System 1.0.php. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP SQLi Fighting Cock Information System
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.1%
CVE-2024-0483 MEDIUM This Month

A vulnerability classified as critical was found in Taokeyun up to 1.0.5. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP SQLi Taokeyun
NVD VulDB
CVSS 3.1
6.3
EPSS
0.1%
CVE-2024-0482 MEDIUM This Month

A vulnerability classified as critical has been found in Taokeyun up to 1.0.5. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP SQLi Taokeyun
NVD VulDB
CVSS 3.1
6.3
EPSS
0.1%
CVE-2024-0481 MEDIUM This Month

A vulnerability was found in Taokeyun up to 1.0.5. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP SQLi Taokeyun
NVD VulDB
CVSS 3.1
6.3
EPSS
0.1%
CVE-2024-22209 MEDIUM POC PATCH This Month

Open edX Platform is a service-oriented platform for authoring and delivering online learning. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Edx Platform
NVD GitHub
CVSS 3.1
6.4
EPSS
0.1%
CVE-2024-21640 MEDIUM POC PATCH This Month

Chromium Embedded Framework (CEF) is a simple framework for embedding Chromium-based browsers in other applications.`CefVideoConsumerOSR::OnFrameCaptured` does not check `pixel_format` properly,. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Buffer Overflow Google Information Disclosure Chromium Embedded Framework Chrome
NVD GitHub
CVSS 3.1
5.4
EPSS
0.2%
CVE-2024-0478 MEDIUM This Month

A vulnerability was found in code-projects Fighting Cock Information System 1.0 and classified as critical.php. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP SQLi Fighting Cock Information System
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.1%
CVE-2024-0477 MEDIUM This Month

A vulnerability has been found in code-projects Fighting Cock Information System 1.0 and classified as critical. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP SQLi Fighting Cock Information System
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.1%
CVE-2024-0475 MEDIUM This Month

A vulnerability, which was classified as critical, has been found in code-projects Dormitory Management System 1.0. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP SQLi Dormitory Management System
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy