Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2024-09-28 CVE-2024-9316 SQL Injection vulnerability in Code-Projects Blood Bank System 1.0
A vulnerability classified as critical has been found in code-projects Blood Bank Management System 1.0.
network
low complexity
code-projects CWE-89
7.5
7.5
2024-09-28 CVE-2024-9315 SQL Injection vulnerability in Oretnom23 Employee and Visitor Gate Pass Logging System 1.0
A vulnerability was found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0.
network
low complexity
oretnom23 CWE-89
8.8
8.8
2024-09-28 CVE-2024-9300 Cross-site Scripting vulnerability in Oretnom23 Railway Reservation System 1.0
A vulnerability classified as problematic was found in SourceCodester Online Railway Reservation System 1.0.
network
low complexity
oretnom23 CWE-79
6.1
6.1
2024-09-28 CVE-2024-9298 Authorization Bypass Through User-Controlled Key vulnerability in Oretnom23 Railway Reservation System 1.0
A vulnerability was found in SourceCodester Online Railway Reservation System 1.0.
network
low complexity
oretnom23 CWE-639
4.3
4.3
2024-09-28 CVE-2024-9299 Cross-site Scripting vulnerability in Oretnom23 Railway Reservation System 1.0
A vulnerability classified as problematic has been found in SourceCodester Online Railway Reservation System 1.0.
network
low complexity
oretnom23 CWE-79
5.4
5.4
2024-09-28 CVE-2024-8189 Cross-site Scripting vulnerability in Ngothang WP Multitasking
The WP MultiTasking – WP Utilities plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘wpmt_menu_name’ parameter in all versions up to, and including, 0.1.17 due to insufficient input sanitization and output escaping.
network
low complexity
ngothang CWE-79
4.8
4.8
2024-09-28 CVE-2024-9297 Missing Authorization vulnerability in Oretnom23 Railway Reservation System 1.0
A vulnerability was found in SourceCodester Online Railway Reservation System 1.0.
network
low complexity
oretnom23 CWE-862
6.3
6.3
2024-09-28 CVE-2024-8712 Cross-site Scripting vulnerability in Stape GTM Server Side
The GTM Server Side plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.1.19.
network
low complexity
stape CWE-79
6.1
6.1
2024-09-28 CVE-2024-9296 SQL Injection vulnerability in Mayurik Advocate Office Management System 1.0
A vulnerability was found in SourceCodester Advocate Office Management System 1.0.
network
low complexity
mayurik CWE-89
critical
 9.8
9.8
2024-09-28 CVE-2024-23923 Use After Free vulnerability in Alpsalpine Ilx-F509 Firmware 6.0.000
Alpine Halo9 prh_l2_sar_data_ind Use-After-Free Remote Code Execution Vulnerability.
low complexity
alpsalpine CWE-416
8.8
8.8