Skip to main content
CVE-2024-0765 MEDIUM POC PATCH This Month

As a default user on a multi-user instance of AnythingLLM, you could execute a call to the `/export-data` endpoint of the system and then unzip and read that export that would enable you do. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Anythingllm
NVD GitHub
CVSS 3.1
6.5
EPSS
0.6%
CVE-2024-2134 MEDIUM POC This Month

A vulnerability has been found in Bdtask Hospita AutoManager up to 20240223 and classified as problematic. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Hospital Automanager
NVD VulDB
CVSS 3.1
6.5
EPSS
0.4%
CVE-2024-2146 MEDIUM POC This Month

A vulnerability was found in SourceCodester Online Mobile Management Store 1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Online Mobile Store Management System
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.6%
CVE-2024-2145 MEDIUM POC This Month

A vulnerability was found in SourceCodester Online Mobile Management Store 1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Online Mobile Store Management System
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.6%
CVE-2024-2135 MEDIUM POC This Month

A vulnerability was found in Bdtask Hospita AutoManager up to 20240223 and classified as problematic. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Hospital Automanager
NVD VulDB
CVSS 3.1
6.1
EPSS
0.5%
CVE-2024-25551 MEDIUM This Month

Cross Site Scripting (XSS) vulnerability in sourcecodester Simple Student Attendance System v1.0 allows attackers to execute arbitrary code via crafted GET request to web application URL. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE XSS Simple Student Attendance System
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2024-22355 MEDIUM This Month

IBM QRadar Suite Products 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 does not require that users should have strong passwords by default, which makes it. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

IBM Brute Force Information Disclosure Cloud Pak For Security Qradar Suite
NVD
CVSS 3.1
5.9
EPSS
0.4%
CVE-2024-2150 MEDIUM This Month

A vulnerability, which was classified as critical, has been found in SourceCodester Insurance Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Insurance Management System
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy