Submit #468540: 1000 Projects Portfolio Management System MCA Project v1.0 Unrestricted Upload [Accepted]
Submit #468540 / VDB-289319
Aggregator
CVE-2024-12954 | 1000 Projects Portfolio Management System MCA 1.0 /update_ach.php ach_certy unrestricted upload
11 months 2 weeks ago
A vulnerability, which was classified as critical, was found in 1000 Projects Portfolio Management System MCA 1.0. This affects an unknown part of the file /update_ach.php. The manipulation of the argument ach_certy leads to unrestricted upload.
This vulnerability is uniquely identified as CVE-2024-12954. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2024-12953 | 1000 Projects Portfolio Management System MCA 1.0 /update_pd_process.php profile unrestricted upload
11 months 2 weeks ago
A vulnerability, which was classified as critical, has been found in 1000 Projects Portfolio Management System MCA 1.0. Affected by this issue is some unknown functionality of the file /update_pd_process.php. The manipulation of the argument profile leads to unrestricted upload.
This vulnerability is handled as CVE-2024-12953. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com
Submit #468878: https://phpgurukul.com/ Blood Bank & Donor Management System v2.4 CSRF Improper Input Validation [Accepted]
11 months 2 weeks ago
Submit #468878 / VDB-289318
Lo1x
CVE-2024-12952 | melMass comfy_mtb up to 0.1.4 Dependency comfy_mtb/endpoint.py run_command code injection
11 months 2 weeks ago
A vulnerability classified as critical was found in melMass comfy_mtb up to 0.1.4. Affected by this vulnerability is the function run_command of the file comfy_mtb/endpoint.py of the component Dependency Handler. The manipulation leads to code injection.
This vulnerability is known as CVE-2024-12952. The attack can be launched remotely. Furthermore, there is an exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
Submit #468772: 1000 Projects Portfolio Management System MCA Project v1.0 Unrestricted Upload [Accepted]
11 months 2 weeks ago
Submit #468772 / VDB-289317
wangjiawei
Submit #468769: 1000 Projects Portfolio Management System MCA Project v1.0 Unrestricted Upload [Accepted]
11 months 2 weeks ago
Submit #468769 / VDB-289316
wangjiawei
CVE-2024-12951 | 1000 Projects Portfolio Management System MCA 1.0 add_personal_details.php profile unrestricted upload
11 months 2 weeks ago
A vulnerability classified as critical has been found in 1000 Projects Portfolio Management System MCA 1.0. Affected is an unknown function of the file /add_personal_details.php. The manipulation of the argument profile leads to unrestricted upload.
This vulnerability is traded as CVE-2024-12951. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com
Submit #468683: comfyui comfy_mtb v0.1.4 Code Injection [Accepted]
11 months 2 weeks ago
Submit #468683 / VDB-289315
CVE-2024-12950 | code-projects Travel Management System 1.0 /subcat.php catid sql injection
11 months 2 weeks ago
A vulnerability was found in code-projects Travel Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /subcat.php. The manipulation of the argument catid leads to sql injection.
The identification of this vulnerability is CVE-2024-12950. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2024-12949 | code-projects Travel Management System 1.0 /package.php subcatid sql injection
11 months 2 weeks ago
A vulnerability was found in code-projects Travel Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /package.php. The manipulation of the argument subcatid leads to sql injection.
This vulnerability was named CVE-2024-12949. The attack can be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2024-12948 | code-projects Travel Management System 1.0 /detail.php pid sql injection
11 months 2 weeks ago
A vulnerability was found in code-projects Travel Management System 1.0. It has been classified as critical. This affects an unknown part of the file /detail.php. The manipulation of the argument pid leads to sql injection.
This vulnerability is uniquely identified as CVE-2024-12948. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com
Submit #468644: 1000 Projects Portfolio Management System MCA Project v1.0 Unrestricted Upload [Accepted]
11 months 2 weeks ago
Submit #468644 / VDB-289314
wangjiawei
Submit #468543: code-projects Travel Management System Using PHP 1.0.0 SQL Injection [Accepted]
11 months 2 weeks ago
Submit #468543 / VDB-289313
Fergod
Submit #468541: code-projects Travel Management System Using PHP 1 SQL Injection [Accepted]
11 months 2 weeks ago
Submit #468541 / VDB-289312
Fergod
Submit #468538: code-projects Travel Management System Using PHP 1.0 SQL Injection [Accepted]
11 months 2 weeks ago
Submit #468538 / VDB-289311
Havook
CVE-2024-12947 | Codezips Hospital Management System 1.0 /invo.php dname sql injection
11 months 2 weeks ago
A vulnerability was found in Codezips Hospital Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /invo.php. The manipulation of the argument dname leads to sql injection.
This vulnerability is handled as CVE-2024-12947. The attack may be launched remotely. Furthermore, there is an exploit available.
Other parameters might be affected as well.
vuldb.com
CVE-2024-56430 | OpenFHE up to 1.2.3 binfhe-base-scheme.cpp BinFHEContext::EvalFloor null pointer dereference
11 months 2 weeks ago
A vulnerability has been found in OpenFHE up to 1.2.3 and classified as problematic. Affected by this vulnerability is the function BinFHEContext::EvalFloor in the library lib/binfhe-base-scheme.cpp. The manipulation leads to null pointer dereference.
This vulnerability is known as CVE-2024-56430. Access to the local network is required for this attack to succeed. There is no exploit available.
vuldb.com
CVE-2024-56431 | Theora up to 1.0 7180717 libtheora huffdec.c oc_huff_tree_unpack Privilege Escalation (Issue 17)
11 months 2 weeks ago
A vulnerability, which was classified as problematic, was found in Theora up to 1.0 7180717. Affected is the function oc_huff_tree_unpack of the file huffdec.c of the component libtheora. The manipulation leads to Privilege Escalation.
This vulnerability is traded as CVE-2024-56431. Access to the local network is required for this attack. There is no exploit available.
vuldb.com
CVE-2024-12946 | 1000 Projects Attendance Tracking Management System 1.0 /admin/admin_action.php admin_user_name sql injection
11 months 2 weeks ago
A vulnerability, which was classified as critical, has been found in 1000 Projects Attendance Tracking Management System 1.0. This issue affects some unknown processing of the file /admin/admin_action.php. The manipulation of the argument admin_user_name leads to sql injection.
The identification of this vulnerability is CVE-2024-12946. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com