Vulnerabilities > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2024-08-12	CVE-2024-38200	Unspecified vulnerability in Microsoft products Microsoft Office Spoofing Vulnerability network low complexity microsoft	6.5
2024-08-12	CVE-2024-40473	Cross-site Scripting vulnerability in Mayurik Best House Rental Management System 1.0 A Stored Cross Site Scripting (XSS) vulnerability was found in "manage_houses.php" in SourceCodester Best House Rental Management System v1.0. network low complexity mayurik CWE-79	5.4
2024-08-12	CVE-2024-40474	Cross-site Scripting vulnerability in Mayurik Best House Rental Management System 1.0 A Reflected Cross Site Scripting (XSS) vulnerability was found in "edit-cate.php" in SourceCodester House Rental Management System v1.0. network low complexity mayurik CWE-79	5.4
2024-08-12	CVE-2024-40478	Cross-site Scripting vulnerability in Jayesh Online Exam System 1.0 A Stored Cross Site Scripting (XSS) vulnerability was found in "/admin/afeedback.php" in Kashipara Online Exam System v1.0, which allows remote attackers to execute arbitrary code via "rname" and "email" parameter fields network low complexity jayesh CWE-79	5.4
2024-08-12	CVE-2024-40481	Cross-site Scripting vulnerability in PHPgurukul OLD AGE Home Management System 1.0 A Stored Cross Site Scripting (XSS) vulnerability was found in "/admin/view-enquiry.php" in PHPGurukul Old Age Home Management System v1.0, which allows remote attackers to execute arbitrary code via the Contact Us page "message" parameter. network low complexity phpgurukul CWE-79	5.4
2024-08-12	CVE-2024-40484	Cross-site Scripting vulnerability in PHPgurukul OLD AGE Home Management System 1.0 A Reflected Cross Site Scripting (XSS) vulnerability was found in "/oahms/search.php" in PHPGurukul Old Age Home Management System v1.0, which allows remote attackers to execute arbitrary code via the "searchdata" parameter. network low complexity phpgurukul CWE-79	6.1
2024-08-12	CVE-2024-41332	Unspecified vulnerability in Oretnom23 Computer Laboratory Management System 1.0 Incorrect access control in the delete_category function of Sourcecodester Computer Laboratory Management System v1.0 allows authenticated attackers with low-level privileges to arbitrarily delete categories. network low complexity oretnom23	6.5
2024-08-12	CVE-2024-41481	Cross-site Scripting vulnerability in Typora Typora before 1.9.3 Markdown editor has a cross-site scripting (XSS) vulnerability via the Mermaid component. network low complexity typora CWE-79	6.1
2024-08-12	CVE-2024-41482	Cross-site Scripting vulnerability in Typora Typora before 1.9.3 Markdown editor has a cross-site scripting (XSS) vulnerability via the MathJax component. network low complexity typora CWE-79	6.1
2024-08-12	CVE-2024-41888	Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer. This issue affects Apache Answer: through 1.3.5. The password reset link remains valid within its expiration period even after it has been used. network low complexity apache CWE-772	5.3

Vulnerabilities > Medium {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Medium"}]}

Vulnerabilities > Medium