Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-28 | CVE-2024-9298 | Authorization Bypass Through User-Controlled Key vulnerability in Oretnom23 Railway Reservation System 1.0 A vulnerability was found in SourceCodester Online Railway Reservation System 1.0. | 4.3 |
| 2024-09-28 | CVE-2024-9299 | Cross-site Scripting vulnerability in Oretnom23 Railway Reservation System 1.0 A vulnerability classified as problematic has been found in SourceCodester Online Railway Reservation System 1.0. | 5.4 |
| 2024-09-28 | CVE-2024-8189 | Cross-site Scripting vulnerability in Ngothang WP Multitasking The WP MultiTasking – WP Utilities plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘wpmt_menu_name’ parameter in all versions up to, and including, 0.1.17 due to insufficient input sanitization and output escaping. | 4.8 |
| 2024-09-28 | CVE-2024-9297 | Missing Authorization vulnerability in Oretnom23 Railway Reservation System 1.0 A vulnerability was found in SourceCodester Online Railway Reservation System 1.0. | 6.3 |
| 2024-09-28 | CVE-2024-8712 | Cross-site Scripting vulnerability in Stape GTM Server Side The GTM Server Side plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.1.19. | 6.1 |
| 2024-09-28 | CVE-2024-9296 | SQL Injection vulnerability in Mayurik Advocate Office Management System 1.0 A vulnerability was found in SourceCodester Advocate Office Management System 1.0. | 9.8 |
| 2024-09-28 | CVE-2024-23923 | Use After Free vulnerability in Alpsalpine Ilx-F509 Firmware 6.0.000 Alpine Halo9 prh_l2_sar_data_ind Use-After-Free Remote Code Execution Vulnerability. | 8.8 |
| 2024-09-28 | CVE-2024-23924 | OS Command Injection vulnerability in Alpsalpine Ilx-F509 Firmware 6.0.000 Alpine Halo9 UPDM_wemCmdCreatSHA256Hash Command Injection Remote Code Execution Vulnerability. | 6.8 |
| 2024-09-28 | CVE-2024-23935 | Out-of-bounds Write vulnerability in Alpsalpine Ilx-F509 Firmware 6.0.000 Alpine Halo9 DecodeUTF7 Stack-based Buffer Overflow Remote Code Execution Vulnerability. | 7.5 |
| 2024-09-28 | CVE-2024-23958 | Use of Hard-coded Credentials vulnerability in Autel Maxicharger AC Elite Business C50 Firmware 1.32.00 Autel MaxiCharger AC Elite Business C50 BLE Hardcoded Credentials Authentication Bypass Vulnerability. | 8.8 |