Skip to main content
CVE-2024-11258 MEDIUM POC This Month

A vulnerability classified as critical was found in 1000 Projects Beauty Parlour Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Beauty Parlour Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.8%
CVE-2024-11257 MEDIUM POC This Month

A vulnerability classified as critical has been found in 1000 Projects Beauty Parlour Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Beauty Parlour Management System
NVD VulDB GitHub
CVSS 4.0
6.9
EPSS
0.7%
CVE-2024-11256 MEDIUM POC This Month

A vulnerability was found in 1000 Projects Portfolio Management System MCA 1.0 and classified as critical.php. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Portfolio Management System Mca
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.7%
CVE-2024-11243 MEDIUM POC This Month

A vulnerability classified as problematic has been found in code-projects Online Shop Store 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Online Shop Store
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.6%
CVE-2024-11241 MEDIUM POC This Month

A vulnerability was found in code-projects Job Recruitment 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Job Recruitment
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.6%
CVE-2024-11238 MEDIUM POC This Month

A vulnerability, which was classified as critical, was found in Landray EKP up to 16.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Landray Ekp
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
5.6%
CVE-2024-9529 MEDIUM POC This Month

The Secure Custom Fields WordPress plugin before 6.3.9, Secure Custom Fields WordPress plugin before 6.3.6.3, Advanced Custom Fields Pro WordPress plugin before 6.3.9 does not prevent users from. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress Information Disclosure PHP Advanced Custom Fields
NVD WPScan
CVSS 3.1
6.6
EPSS
0.4%
CVE-2024-50651 MEDIUM POC This Month

java_shop 1.0 is vulnerable to Incorrect Access Control, which allows attackers to obtain sensitive information of users with different IDs by modifying the ID parameter. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Java Shop
NVD GitHub
CVSS 3.1
6.5
EPSS
0.5%
CVE-2024-1240 MEDIUM POC PATCH This Month

An open redirection vulnerability exists in pyload/pyload version 0.5.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Open Redirect Pyload
NVD GitHub
CVSS 3.1
6.1
EPSS
0.3%
CVE-2024-0787 MEDIUM POC PATCH This Month

phpIPAM version 1.5.1 contains a vulnerability where an attacker can bypass the IP block mechanism to brute force passwords for users by using the 'X-Forwarded-For' header. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Authentication Bypass PHP Phpipam
NVD GitHub
CVSS 3.1
5.9
EPSS
0.5%
CVE-2024-10104 MEDIUM POC This Month

The Jobs for WordPress plugin before 2.7.8 does not sanitise and escape some of its Job settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Jobs For Wordpress
NVD WPScan
CVSS 3.1
5.9
EPSS
0.3%
CVE-2024-51142 MEDIUM POC This Month

Cross Site Scripting vulnerability in Chamilo LMS v.1.11.26 allows an attacker to execute arbitrary code via the svkey parameter of the storageapi.php file. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP XSS Chamilo Lms
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-50655 MEDIUM POC This Month

emlog pro <=2.3.18 is vulnerable to Cross Site Scripting (XSS), which allows attackers to write malicious JavaScript code in published articles. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Emlog
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2024-52526 MEDIUM POC PATCH This Month

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

PHP XSS Librenms
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2024-51497 MEDIUM POC PATCH This Month

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

PHP XSS Librenms
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2024-51496 MEDIUM POC PATCH This Month

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

PHP XSS Librenms
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2024-51495 MEDIUM POC PATCH This Month

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

PHP XSS Librenms
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2024-51494 MEDIUM POC PATCH This Month

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

PHP XSS Librenms
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2024-50352 MEDIUM POC PATCH THREAT This Month

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

PHP XSS Librenms
NVD GitHub
CVSS 3.1
5.4
EPSS
36.7%
CVE-2024-50351 MEDIUM POC PATCH This Month

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

PHP XSS Librenms
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2024-50350 MEDIUM POC PATCH This Month

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

PHP XSS Librenms
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2024-49764 MEDIUM POC PATCH This Month

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

PHP XSS Librenms
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2024-49759 MEDIUM POC PATCH This Month

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

PHP XSS Librenms
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2024-49754 MEDIUM POC PATCH THREAT This Month

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

PHP XSS Librenms
NVD GitHub
CVSS 3.1
5.4
EPSS
69.8%
CVE-2024-1097 MEDIUM POC This Month

A stored cross-site scripting (XSS) vulnerability exists in craigk5n/webcalendar version 1.3.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Webcalendar
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-51037 MEDIUM POC This Month

An issue in kodbox v.1.52.04 and before allows a remote attacker to obtain sensitive information via the captcha feature in the password reset function. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Kodbox
NVD GitHub
CVSS 3.1
5.3
EPSS
0.3%
CVE-2024-11259 MEDIUM POC This Month

A vulnerability, which was classified as problematic, has been found in code-projects Farmacia 1.0.php. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Farmacia
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.4%
CVE-2024-11251 MEDIUM POC This Month

A vulnerability was found in erzhongxmu Jeewms up to 20241108. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Jeewms
NVD VulDB
CVSS 4.0
5.3
EPSS
0.5%
CVE-2024-11250 MEDIUM POC This Month

A vulnerability was found in code-projects Inventory Management up to 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Inventory Management
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.7%
CVE-2024-11247 MEDIUM POC This Month

A vulnerability has been found in SourceCodester Online Eyewear Shop 1.0 and classified as problematic. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Online Eyewear Shop
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.5%
CVE-2024-11246 MEDIUM POC This Month

A vulnerability, which was classified as problematic, was found in code-projects Farmacia 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Farmacia
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.5%
CVE-2024-11245 MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in code-projects Farmacia 1.0.php. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Farmacia
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.6%
CVE-2024-11244 MEDIUM POC This Month

A vulnerability classified as critical was found in code-projects Farmacia 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Farmacia
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.7%
CVE-2024-11240 MEDIUM POC This Month

A vulnerability was found in IBPhoenix ibWebAdmin up to 1.0.2 and classified as problematic.php of the component Banco de Dados Tab. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Ibwebadmin
NVD VulDB
CVSS 4.0
5.3
EPSS
0.4%
CVE-2024-11239 MEDIUM POC This Month

A vulnerability has been found in Landray EKP up to 16.0 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Landray Ekp
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
1.5%
CVE-2024-11242 MEDIUM POC This Month

A vulnerability was found in ZZCMS 2023. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Zzcms
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.5%
CVE-2024-11262 MEDIUM POC This Month

A vulnerability has been found in SourceCodester Student Record Management System 1.0 and classified as critical. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Student Record Management System
NVD GitHub VulDB
CVSS 4.0
4.8
EPSS
0.4%
CVE-2024-11261 MEDIUM POC This Month

A vulnerability, which was classified as critical, was found in SourceCodester Student Record Management System 1.0. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Student Record Management System
NVD GitHub VulDB
CVSS 4.0
4.8
EPSS
0.3%
CVE-2024-50355 MEDIUM POC PATCH This Month

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

PHP XSS Java Librenms
NVD GitHub
CVSS 3.1
4.8
EPSS
0.3%
CVE-2024-49758 MEDIUM POC PATCH This Month

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

PHP XSS Java Librenms
NVD GitHub
CVSS 3.1
4.8
EPSS
0.3%
CVE-2024-0875 MEDIUM POC PATCH This Month

A stored cross-site scripting (XSS) vulnerability exists in openemr/openemr version 7.0.1. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Openemr
NVD GitHub
CVSS 3.1
4.8
EPSS
0.4%
CVE-2024-50652 MEDIUM POC This Month

A file upload vulnerability in java_shop 1.0 allows attackers to upload arbitrary files by modifying the avatar function. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Java Shop
NVD GitHub
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-49592 MEDIUM This Month

Trial installer for McAfee Total Protection (legacy trial installer software) 16.0.53 allows local privilege escalation because of an Uncontrolled Search Path Element. Rated medium severity (CVSS 6.7). No vendor patch available.

Privilege Escalation
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2024-47759 MEDIUM This Month

GLPI is a free Asset and IT management software package. Rated medium severity (CVSS 6.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Glpi
NVD GitHub
CVSS 4.0
6.7
EPSS
0.4%
CVE-2024-24446 MEDIUM This Month

An uninitialized pointer dereference in OpenAirInterface CN5G AMF up to v2.0.0 allows attackers to cause a Denial of Service (DoS) via a crafted InitialContextSetupResponse message sent to the AMF. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-24425 MEDIUM This Month

Magma v1.8.0 and OAI EPC Federation v1.20 were discovered to contain an out-of-bounds read in the amf_as_establish_req function at /tasks/amf/amf_as.cpp. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Denial Of Service
NVD GitHub
CVSS 3.1
6.5
EPSS
0.4%
CVE-2024-52511 MEDIUM PATCH This Month

Nextcloud Tables allows users to to create tables with individual columns. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Nextcloud Tables
NVD GitHub
CVSS 3.1
6.5
EPSS
0.4%
CVE-2024-24449 MEDIUM This Month

An uninitialized pointer dereference in the NasPdu::NasPdu component of OpenAirInterface CN5G AMF up to v2.0.0 allows attackers to cause a Denial of Service (DoS) via a crafted InitialUEMessage. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Memory Corruption
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2024-52523 MEDIUM PATCH This Month

Nextcloud Server is a self hosted personal cloud system. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Nextcloud Information Disclosure Nextcloud Server
NVD GitHub
CVSS 3.1
6.5
EPSS
0.6%
CVE-2024-52520 MEDIUM PATCH This Month

Nextcloud Server is a self hosted personal cloud system. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Nextcloud Denial Of Service Nextcloud Server
NVD GitHub
CVSS 3.1
6.5
EPSS
0.8%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy