The Windows OLE Remote Code Execution Vulnerability allows an attacker to execute arbitrary code on an affected system via maliciously crafted OLE objects. Successful exploitation could enable attackers to install programs; view, change, or delete data; or create new accounts with full user right...

Windows Win32k Elevation of Privilege Vulnerability

A regression vulnerability discovered in OpenSSH's server (sshd) involves a race condition affecting the handling of signals. This vulnerability allows an attacker to exploit the sshd service by failing to authenticate within a specified timeframe. If successfully triggered, this flaw could alter...

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log messag...

The WP-Advanced-Search WordPress plugin, prior to version 3.3.9.2, contains a vulnerability that arises from improper handling of user input in the t parameter. This lack of sanitization and escaping before usage in SQL statements allows unauthenticated users to execute arbitrary SQL queries. As ...

A cross site scripting vulnerability has been identified in version 1.0 of CampCodes School Management Software. The issue is found within the Chat History component, specifically in the /chat/group/send file. An attacker can manipulate the 'message' argument to execute malicious scripts remotely...

A vulnerability exists in the Shiprocket Module for OpenCart that affects its REST API functionality, specifically in the handling of the 'contentHash' argument within the /index.php?route=extension/module/rest_api&action=getOrders endpoint. This flaw can potentially lead to improper authorizatio...

A SQL injection vulnerability has been identified in the Shiprocket Module for OpenCart, specifically within the REST API functionality exposed through /index.php?route=extension/shiprocket/module/restapi. The issue stems from improper handling of the 'x-username' argument, allowing for remote ex...

An unauthenticated server-side request forgery (SSRF) vulnerability in the demon callback handling of Havoc 2 0.7 allows attackers to exploit the system by sending arbitrary network traffic originating from the team server. This flaw enables attackers to make requests from the server to any inter...

The Tenda AC15 router suffers from a stack-based buffer overflow vulnerability in the formSetDevNetName function found in the /goform/SetDevNetName file. This flaw arises from improper handling of the 'mac' argument, allowing attackers to exploit the vulnerability remotely. Once publicly disclose...

A SQL injection vulnerability exists in the ZZCMS 2023 product, specifically within the /index.php file. This weakness arises from improper validation of the 'id' argument, allowing attackers to manipulate SQL queries and potentially gain unauthorized access to sensitive data. Exploitation can be...

A vulnerability exists in the Fantasy-Cricket application, specifically in the /authenticate.php file. This flaw allows attackers to manipulate the 'uname' parameter, leading to SQL injection attacks. The nature of this vulnerability enables remote exploitation, exposing the application to signif...

The Adifier System plugin for WordPress has a vulnerability that allows for privilege escalation through account takeover. This issue arises from the plugin's failure to properly authenticate users prior to permitting updates to sensitive account details, including passwords. As a result, malicio...

A cross-site scripting vulnerability in CampCodes School Management Software version 1.0 affects the Photo Gallery Page component. The issue arises from inadequate input validation in the '/photo-gallery' function, allowing attackers to manipulate the argument 'Description'. This can lead to the ...

A vulnerability has been discovered in Campcodes School Management Software, specifically within the Create Id Card Page component found at the /create-id-card path. This flaw allows for the manipulation of the ID Card Title argument, leading to a cross site scripting (XSS) attack. Attackers may ...

A vulnerability has been identified in the TDuckCloud tduck-platform which allows attackers to perform SQL injection through the QueryProThemeRequest function. This flaw arises from improper manipulation of the color argument found in the file src/main/java/com/tduck/cloud/form/request/QueryProTh...

The List Category Posts Plugin for WordPress, prior to version 0.90.3, is susceptible to a Stored Cross-Site Scripting (XSS) vulnerability. This issue arises because the plugin fails to properly validate and escape certain shortcode attributes when rendering pages or posts that incorporate these ...

The SimpleHelp Remote Support Software version 5.5.7 and earlier is susceptible to multiple path traversal vulnerabilities. These vulnerabilities allow unauthenticated remote attackers to exploit the system by crafting specific HTTP requests. Through this exploitation, attackers can download arbi...

The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 o...

A SQL injection vulnerability exists in the Codezips Gym Management System 1.0, specifically affecting the /dashboard/admin/edit_member.php file. This flaw allows attackers to manipulate the 'name' argument, potentially leading to unauthorized database access. Exploitation can occur remotely, and...

The vulnerability in Microsoft Configuration Manager allows remote code execution, potentially enabling attackers to gain control over affected systems. This security flaw can be exploited if an attacker sends a specially crafted request to the vulnerable application, leading to unauthorized exec...

A vulnerability exists within the itsourcecode Tailoring Management System 1.0, specifically in the expadd.php file. This flaw is due to insufficient validation of the 'expcat' argument, which allows for SQL injection attacks. As a result, attackers can manipulate the query structure, potentially...

A Cross-Site Scripting (XSS) vulnerability has been identified in the Tourism Management System version 1.0, specifically within the /admin/manage-pages.php file. This vulnerability arises from improper handling of the 'pgedetails' argument, which allows attackers to inject malicious scripts. Suc...

A Cross-Site Scripting (XSS) vulnerability has been identified in the Tourism Management System version 1.0, specifically within the /admin/manage-pages.php file. This vulnerability arises from improper handling of the 'pgedetails' argument, which allows attackers to inject malicious scripts. Suc...

A vulnerability has been discovered in the Car Rental Management System version 1.0 developed by code-projects. Specifically, this issue resides in the file /admin/manage-pages.php, where improper handling of the 'pgdetails' argument allows for cross-site scripting (XSS) attacks. When exploited, ...

A vulnerability has been discovered in the Car Rental Management System version 1.0 developed by code-projects. Specifically, this issue resides in the file /admin/manage-pages.php, where improper handling of the 'pgdetails' argument allows for cross-site scripting (XSS) attacks. When exploited, ...

A vulnerability has been identified in the Attendance Tracking Management System, specifically within the /admin/edit_action.php file. This flaw allows for SQL injection through the manipulation of the attendance_id parameter. Attackers can exploit this vulnerability remotely, potentially comprom...

A vulnerability has been identified within the Codezips Gym Management System version 1.0, specifically impacting the file /dashboard/admin/edit_mem_submit.php. The issue arises from improper handling of the uid parameter, which can lead to SQL injection attacks. Malicious actors can exploit this...

A SQL injection vulnerability has been identified in the 1000 Projects Campaign Management System Platform for Women version 1.0, specifically within the login functionality of the file /Code/loginnew.php. The flaw allows for manipulation of the Username argument, enabling attackers to execute ar...

A vulnerability exists in the 1000 Projects Campaign Management System Platform for Women 1.0, specifically in the file /Code/sc_login.php. An attacker can exploit this vulnerability through the manipulation of the 'uname' argument, allowing for SQL injection attacks that can be executed remotely...

A vulnerability in the Codezips Gym Management System, specifically within the /dashboard/admin/new_submit.php file, allows for SQL injection through improper handling of the m_id argument. This flaw can be exploited remotely by attackers, potentially compromising the integrity and confidentialit...

A SQL injection vulnerability exists in the Code-Projects Chat System 1.0, specifically in the user input processing of /user/leaveroom.php. By manipulating the 'id' parameter, an attacker can execute unauthorized SQL queries, potentially compromising the underlying database. This vulnerability c...

A cross-site scripting vulnerability exists in the Job Recruitment 1.0 application by Code-Projects, specifically in the handling of user input in the file /_parse/_feedback_system.php. This issue allows remote attackers to inject malicious scripts, potentially compromising user data and performi...

A stack-based buffer overflow vulnerability exists in the Train Ticket Reservation System 1.0, specifically in the Login Form component. This issue arises when the 'username' argument is manipulated by an attacker, allowing for potential exploitation. The attack must be conducted locally, thus li...

A command injection vulnerability exists in Tenda AC8, AC10, and AC18 routers due to improper handling of the /goform/telnet functionality by the HTTP Request Handler. This flaw allows an attacker to execute arbitrary commands on the affected devices remotely, potentially gaining unauthorized acc...

A significant SQL injection vulnerability has been identified in the Admission Management System v1.0, specifically affecting the /signupconfirm.php file. The vulnerability arises from improper handling of the 'in_eml' parameter, enabling attackers to manipulate SQL queries remotely. This exploit...

A privilege escalation vulnerability exists in Palo Alto Networks PAN-OS software, allowing an administrator with access to the management web interface to execute actions on the firewall with heightened root privileges. This could potentially lead to unauthorized control and management of the fi...

A stack-based buffer overflow vulnerability exists in Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti Neurons for ZTA gateways, prior to designated versions. This flaw allows a remote unauthenticated attacker to execute arbitrary code on the affected systems, posing significant risks to s...

pfSense pfBlockerNG through 2.1.4_26 allows remote attackers to execute arbitrary OS commands as root via shell metacharacters in the HTTP Host header. NOTE: 3.x is unaffected.

An exploitable command injection vulnerability exists in the Config editor of the Exhibitor Web UI versions 1.0.9 to 1.7.1. Arbitrary shell commands surrounded by backticks or $() can be inserted into the editor and will be executed by the Exhibitor process when it launches ZooKeeper. An attacker...

An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated atttacker to perform ope...

OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address space. One third...

A Server-Side Request Forgery (SSRF) vulnerability exists in Microsoft Purview, enabling an authorized attacker to exploit the application to disclose sensitive information over a network. This flaw can allow unauthorized access to internal resources, leading to potential data leakage and comprom...

A stack-based buffer overflow vulnerability exists in Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti Neurons for ZTA gateways, prior to designated versions. This flaw allows a remote unauthenticated attacker to execute arbitrary code on the affected systems, posing significant risks to s...

A vulnerability exists in the D-Link DIR-823X models 240126 and 240802 due to improper handling of a function resulting in a null pointer dereference. This flaw allows remote attackers to exploit the device, potentially leading to a denial of service. Awareness of this vulnerability is crucial as...

A SQL injection vulnerability exists in a specific function of the Fanli2012 native-php-cms version 1.0, located in the file /fladmin/cat_dodel.php. By manipulating the 'id' argument, attackers can execute arbitrary SQL queries against the database. This flaw allows for remote exploitation, posin...

A SQL injection vulnerability exists in the Fanli2012 native-php-cms version 1.0, specifically affecting the processing of the file /fladmin/article_dodel.php. The flaw allows an attacker to manipulate the 'id' argument, enabling unauthorized database operations. This vulnerability can be exploit...

A SQL injection vulnerability has been discovered in Fanli2012's native-php-cms version 1.0, specifically in the /fladmin/friendlink_dodel.php file. The issue arises from improper handling of the 'id' parameter, which allows attackers to manipulate SQL queries. This flaw can be exploited remotely...

A security vulnerability has been identified in the Fanli2012 native-php-cms version 1.0, located specifically in the product_list.php file. This issue allows attackers to manipulate the 'cat' argument, potentially leading to SQL injection attacks. The vulnerability can be exploited remotely, mak...

A security flaw has been identified in Fanli2012 native-php-cms version 1.0, specifically affecting the functionality of the file /fladmin/cat_edit.php. The vulnerability stems from improper handling of the 'id' parameter, allowing for SQL injection attacks that can be executed remotely. Since de...