[webapps] MobileShop master v1.0 – SQL Injection Vuln.
MobileShop master v1.0 – SQL Injection Vuln.
[webapps] Tourism Management System v2.0 – Arbitrary File Upload
Tourism Management System v2.0 – Arbitrary File Upload
[webapps] Nagios XI Version 2024R1.01 – SQL Injection
Nagios XI Version 2024R1.01 – SQL Injection
[webapps] Insurance Management System PHP and MySQL 1.0 – Multiple Stored XSS
Insurance Management System PHP and MySQL 1.0 – Multiple Stored XSS
CVE-2024-29187 | WiX Toolset up to 3.14.0/4.0.4 on Windows Installer C:\Windows\Temp permission assignment
A vulnerability was found in WiX Toolset up to 3.14.0/4.0.4 on Windows. It has been declared as critical. This vulnerability affects unknown code of the file C:\Windows\Temp of the component Installer. The manipulation leads to incorrect permission ass…
CVE-2024-29194 | OneUptime 7.0.1803 is_master_admin authorization (GHSA-246p-xmg8-wmcq)
A vulnerability was found in OneUptime 7.0.1803. It has been classified as critical. This affects an unknown part. The manipulation of the argument is_master_admin leads to authorization bypass.
This vulnerability is uniquely identified as CVE-2024-29…
CVE-2024-29034 | CarrierWave up to 2.2.5/3.0.6 Incomplete Fix CVE-2023-49090 Content-Type interpretation conflict
A vulnerability was found in CarrierWave up to 2.2.5/3.0.6 and classified as problematic. Affected by this issue is some unknown functionality of the component Incomplete Fix CVE-2023-49090. The manipulation of the argument Content-Type leads to interp…