VulDB Recent Entries

A vulnerability, which was classified as problematic, has been found in Adobe Commerce up to 2.4.7-p2/2.4.6-p7/2.4.5-p9/2.4.4-p10. This issue affects some unknown processing. The manipulation leads to incorrect authorization. The identification of this vulnerability is CVE-2024-45125. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Adobe Commerce up to 2.4.7-p2/2.4.6-p7/2.4.5-p9/2.4.4-p10. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-45123. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Adobe Commerce up to 2.4.7-p2/2.4.6-p7/2.4.5-p9/2.4.4-p10. This affects an unknown part of the component Link Handler. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-45116. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Adobe Commerce up to 2.4.7-p2/2.4.6-p7/2.4.5-p9/2.4.4-p10. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation leads to server-side request forgery. This vulnerability is handled as CVE-2024-45119. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Adobe Commerce up to 2.4.7-p2/2.4.6-p7/2.4.5-p9/2.4.4-p10. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper access controls. This vulnerability is known as CVE-2024-45124. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Adobe Commerce up to 2.4.7-p2/2.4.6-p7/2.4.5-p9/2.4.4-p10. It has been classified as critical. Affected is an unknown function. The manipulation leads to improper access controls. This vulnerability is traded as CVE-2024-45122. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Adobe Commerce up to 2.4.7-p2/2.4.6-p7/2.4.5-p9/2.4.4-p10 and classified as critical. This issue affects some unknown processing. The manipulation leads to improper access controls. The identification of this vulnerability is CVE-2024-45121. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Adobe Commerce up to 2.4.7-p2/2.4.6-p7/2.4.5-p9/2.4.4-p10 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to time-of-check time-of-use. This vulnerability was named CVE-2024-45120. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Adobe Commerce up to 2.4.7-p2/2.4.6-p7/2.4.5-p9/2.4.4-p10. This affects an unknown part. The manipulation leads to improper access controls. This vulnerability is uniquely identified as CVE-2024-45118. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as very critical, has been found in Adobe Commerce up to 2.4.7-p2/2.4.6-p7/2.4.5-p9/2.4.4-p10. Affected by this issue is some unknown functionality. The manipulation leads to improper authentication. This vulnerability is handled as CVE-2024-45115. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Adobe Commerce up to 2.4.7-p2/2.4.6-p7/2.4.5-p9/2.4.4-p10. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper input validation. This vulnerability is known as CVE-2024-45117. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in SourceCodester Online Veterinary Appointment System 1.0. Affected is an unknown function of the file /admin/categories/manage_category.php. The manipulation of the argument id leads to sql injection. This vulnerability is traded as CVE-2024-9818. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 17.2.8/17.3.4/17.4.1. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to incorrect authorization. The identification of this vulnerability is CVE-2024-9623. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in ZTE ZXR10 1800-2S, ZXR10 2800-4, ZXR10 3800-8 and ZXR10 160 up to 4.00.10. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to improper privilege management. This vulnerability was named CVE-2024-22068. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in code-projects Blood Bank System 1.0. It has been classified as critical. This affects an unknown part of the file /update.php. The manipulation of the argument name leads to sql injection. This vulnerability is uniquely identified as CVE-2024-9817. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Codezips Tourist Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/change-image.php. The manipulation of the argument packageimage leads to unrestricted upload. This vulnerability is handled as CVE-2024-9816. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability has been found in Codezips Tourist Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/create-package.php. The manipulation of the argument packageimage leads to unrestricted upload. This vulnerability is known as CVE-2024-9815. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in Codezips Pharmacy Management System 1.0. Affected is an unknown function of the file product/update.php. The manipulation of the argument id leads to sql injection. This vulnerability is traded as CVE-2024-9814. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, has been found in Codezips Pharmacy Management System 1.0. This issue affects some unknown processing of the file product/register.php. The manipulation of the argument category leads to sql injection. The identification of this vulnerability is CVE-2024-9813. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical was found in code-projects Crud Operation System 1.0. This vulnerability affects unknown code of the file delete.php. The manipulation of the argument sid leads to sql injection. This vulnerability was named CVE-2024-9812. The attack can be initiated remotely. Furthermore, there is an exploit available.