Common Vulnerabilities and Exposures (CVE)

CVE-2024-6276

Jun 24, 2024 01:31:04 UTC

A vulnerability, which was classified as critical, has been found in lahirudanushka School Management System 1.0.0/1.0.1. This issue affects some unknown processing of the file teacher.php of the component Teacher Page. The manipulation of ...

CVE-2024-6275

Jun 24, 2024 01:00:08 UTC

A vulnerability classified as critical was found in lahirudanushka School Management System 1.0.0/1.0.1. This vulnerability affects unknown code of the file parent.php of the component Parent Page. The manipulation of the argument update le...

CVE-2024-6274

Jun 24, 2024 01:00:06 UTC

A vulnerability classified as critical has been found in lahirudanushka School Management System 1.0.0/1.0.1. This affects an unknown part of the file /attendancelist.php of the component Attendance Report Page. The manipulation of the argu...

CVE-2024-3121

Jun 24, 2024 00:00:14 UTC

A remote code execution vulnerability exists in the create_conda_env function of the parisneo/lollms repository, version 5.9.0. The vulnerability arises from the use of shell=True in the subprocess.Popen function, which allows an attacker t...

CVE-2024-39337

Jun 23, 2024 23:06:26 UTC

Click Studios Passwordstate Core before 9.8 build 9858 allows Authentication Bypass.

CVE-2024-39334

Jun 23, 2024 22:40:04 UTC

MENDELSON AS4 before 2024 B376 has a client-side vulnerability when a trading partner provides prepared XML data. When a victim opens the details of this transaction in the client, files can be written to the computer on which the client pr...

CVE-2024-6273

Jun 23, 2024 22:00:05 UTC

A vulnerability was found in SourceCodester Clinic Queuing System 1.0. It has been declared as problematic. Affected by this vulnerability is the function save_patient of the file patient_side.php. The manipulation of the argument Full Name...

CVE-2024-39331

Jun 23, 2024 21:12:20 UTC

In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el expands a %(...) link abbrev even when it specifies an unsafe function, such as shell-command-to-string. This affects Org Mode before 9.7.5.

CVE-2024-2700

Jun 23, 2024 16:05:09 UTC

A vulnerability was found in the quarkus-core component. Quarkus captures local environment variables from the Quarkus namespace during the application's build, therefore, running the resulting application inherits the values captured at bu...

CVE-2024-4841

Jun 23, 2024 14:33:33 UTC

A Path Traversal vulnerability exists in the parisneo/lollms-webui, specifically within the 'add_reference_to_local_mode' function due to the lack of input sanitization. This vulnerability affects versions v9.6 to the latest. By exploiting ...

CVE-2024-6269

Jun 23, 2024 11:31:04 UTC

A vulnerability has been found in Ruijie RG-UAC 1.0 and classified as critical. This vulnerability affects the function get_ip.addr_details of the file /view/vpn/autovpn/sxh_vpnlic.php of the component HTTP POST Request Handler. The manipul...

CVE-2024-6268

Jun 23, 2024 09:31:04 UTC

A vulnerability, which was classified as critical, has been found in lahirudanushka School Management System 1.0.0/1.0.1. Affected by this issue is some unknown functionality of the file login.php of the component Login Page. The manipulati...

CVE-2024-6267

Jun 23, 2024 08:59:31 UTC

A vulnerability classified as problematic was found in SourceCodester Service Provider Management System 1.0. Affected by this vulnerability is an unknown functionality of the file system_info/index.php of the component System Info Page. Th...

CVE-2024-6266

Jun 23, 2024 02:00:10 UTC

A vulnerability classified as critical has been found in Pear Admin Boot up to 2.0.2. Affected is an unknown function of the file /system/dictData/loadDictItem. The manipulation leads to sql injection. It is possible to launch the attack re...

CVE-2024-38319

Jun 22, 2024 18:56:34 UTC

IBM Security SOAR 51.0.2.0 could allow an authenticated user to execute malicious code loaded from a specially crafted script. IBM X-Force ID: 294830.