Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-33802
A SQL injection vulnerability in /model/get_student_subject.php in campcodes Complete Web-Based School Management System 1.0 allows an malicious user to execute arbitrary SQL commands via the index parameter.
NA
CVE-2024-33849
ci solution CI-Out-of-Office Manager up to and including 6.0.0.77 uses a Hard-coded Cryptographic Key.
NA
CVE-2024-22590
The TLS engine in Kwik commit 745fd4e2 does not track the current state of the connection. This vulnerability can allow Client Hello messages to be overwritten at any time, including after a connection has been established.
NA
CVE-2024-23315
A read-what-where vulnerability exists in the Programming Software Connection IMM 01A1 Memory Read functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted network packet can lead to a disclosure of sensitive information. An attacker can send an unauthenticated pac...
NA
CVE-2024-23601
A code injection vulnerability exists in the scan_lib.bin functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted scan_lib.bin can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
NA
CVE-2024-24851
A heap-based buffer overflow vulnerability exists in the Programming Software Connection FiBurn functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted network packet can lead to a buffer overflow. An attacker can send an unauthenticated packet to trigger this vul...
NA
CVE-2024-24958
Several out-of-bounds write vulnerabilities exist in the Programming Software Connection FileSystem API functionality of AutomationDirect P3-550E 1.2.10.9. Specially crafted network packets can lead to heap-based memory corruption. An attacker can send malicious packets to trigge...
NA
CVE-2024-33799
A SQL injection vulnerability in /model/get_teacher.php in campcodes Complete Web-Based School Management System 1.0 allows an malicious user to execute arbitrary SQL commands via the id parameter.
NA
CVE-2024-33806
A SQL injection vulnerability in /model/get_grade.php in campcodes Complete Web-Based School Management System 1.0 allows an malicious user to execute arbitrary SQL commands via the id parameter.
NA
CVE-2024-35324
Douchat 4.0.5 suffers from an arbitrary file upload vulnerability via Public/Plugins/webuploader/server/preview.php.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »