Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2024-11-14 CVE-2024-50835 SQL Injection vulnerability in Lopalopa E-Learning Management System 1.0
A SQL Injection vulnerability was found in /admin/edit_student.php in KASHIPARA E-learning Management System Project 1.0 via the cys, un, ln, fn, and id parameters.
network
low complexity
lopalopa CWE-89
7.2

2024-11-14 CVE-2024-50836 Cross-site Scripting vulnerability in Lopalopa E-Learning Management System 1.0
A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/teachers.php in KASHIPARA E-learning Management System Project 1.0.
network
low complexity
lopalopa CWE-79
4.8

2024-11-14 CVE-2024-11213 SQL Injection vulnerability in Mayurik Best Employee Management System 1.0
A vulnerability, which was classified as critical, was found in SourceCodester Best Employee Management System 1.0.
network
low complexity
mayurik CWE-89
7.2

2024-11-14 CVE-2024-11214 Unrestricted Upload of File with Dangerous Type vulnerability in Mayurik Best Employee Management System 1.0
A vulnerability has been found in SourceCodester Best Employee Management System 1.0 and classified as critical.
network
low complexity
mayurik CWE-434
7.2

2024-11-14 CVE-2022-2232 A flaw was found in the Keycloak package.
network
low complexity
CWE-20
7.5

2024-11-14 CVE-2024-11210 Path Traversal vulnerability in Eyoucms 1.5.1
A vulnerability was found in EyouCMS 1.51.
network
low complexity
eyoucms CWE-22
5.4

2024-11-14 CVE-2024-11211 Unrestricted Upload of File with Dangerous Type vulnerability in Eyoucms
A vulnerability classified as critical has been found in EyouCMS up to 1.6.7.
network
low complexity
eyoucms CWE-434
7.2

2024-11-14 CVE-2024-11212 SQL Injection vulnerability in Mayurik Best Employee Management System 1.0
A vulnerability, which was classified as critical, has been found in SourceCodester Best Employee Management System 1.0.
network
low complexity
mayurik CWE-89
8.8

2024-11-14 CVE-2024-10962 The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 0.9.107 via deserialization of untrusted input in the 'replace_row_data' and 'replace_serialize_data' functions.
network
low complexity
CWE-502
8.8

2024-11-14 CVE-2024-11208 Insufficient Session Expiration vulnerability in Apereo Central Authentication Service 6.6.0
A vulnerability was found in Apereo CAS 6.6 and classified as problematic.
network
high complexity
apereo CWE-613
8.1