Pagina 4 – Azienda Sicura

Lista CVE 2024/5xxx

CVE nel gruppo: 5xxx

CVE-2024-5064 (Clicca per dettagli)

CVE-2024-5065 (PHPGurukul Online Course Registration System news-details.php sql injection)

CVE-2024-5066 (PHPGurukul Online Course Registration System sql injection)

CVE-2024-5067 (PHPGurukul Online Course Registration System pincode-verification.php sql injection)

CVE-2024-5069 (Exposure of Sensitive Information to an Unauthorized Actor in GitLab)

CVE-2024-5071 (SourceCodester Simple Online Mens Salon Management System view_service.php sql injection)

CVE-2024-5072 (Bookster <= 1.1.0 - Unauthenticated Appointment Status Update)

CVE-2024-5073 (Clicca per dettagli)

CVE-2024-5074 (Essential Addons for Elementor <= 5.9.21 - Authenticated (Contributor+) Stored Cross-Site Scripting via Twitter Feed)

CVE-2024-5075 (WP eMember < 10.6.6 - Reflected XSS)

CVE-2024-5076 (WP eMember < 10.6.6 - Reflected XSS)

CVE-2024-5077 (WP eMember < 10.6.6 - Bulk Delete via CSRF)

CVE-2024-5079 (WP eMember < 10.6.6 - Stored XSS in Blacklist via CSRF)

CVE-2024-5080 (WP eMember < 10.6.7 - Unauthenticated Stored XSS via Member Registration)

CVE-2024-5081 (WP eMember < 10.6.6 - Admin+ Arbitrary File Upload)

CVE-2024-5082 (WP eMember <= v10.7.0 - Stored XSS via CSRF)

CVE-2024-5083 (Nexus Repository 2 – Remote Code Execution)

CVE-2024-5084 (Nexus Repository 2 – Stored XSS)

CVE-2024-5085 (Hash Form – Drag & Drop Form Builder <= 1.1.0 - Unauthenticated Arbitrary File Upload to Remote Code Execution)

CVE-2024-5086 (Hash Form – Drag & Drop Form Builder <= 1.1.0 - Unauthenticated PHP Object Injection)

CVE-2024-5087 (Essential Addons for Elementor PRO – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.8.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via Team Member Carousel Widget)

CVE-2024-5088 (Minimal Coming Soon – Coming Soon Page <= 2.38 - Missing Authorization to Limited Settings Change)

CVE-2024-5089 (Happy Addons for Elementor <= 3.10.8 - Authenticated (Contributor+) Stored Cross-Site Scripting)

CVE-2024-5090 (Clicca per dettagli)

CVE-2024-5091 (SiteOrigin Widgets Bundle <= 1.61.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via SiteOrigin Blog Widget)

CVE-2024-5092 (SKT Addons for Elementor <= 2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Age Gate and Creative Slider Widgets)

CVE-2024-5093 (Elegant Addons for elementor <= 1.0.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Switcher, Slider, and Iconbox Widgets)

CVE-2024-5094 (SourceCodester Best House Rental Management System login.php sql injection)

CVE-2024-5095 (SourceCodester Best House Rental Management System view_payment.php sql injection)

CVE-2024-5096 (Victor Zsviot Camera MQTT Packet denial of service)

CVE-2024-5097 (Hipcam Device MAC Address wifi.mac information disclosure)

CVE-2024-5098 (SourceCodester Simple Inventory System tableedit.php#page=editprice cross-site request forgery)

CVE-2024-5099 (SourceCodester Simple Inventory System login.php sql injection)

CVE-2024-5100 (SourceCodester Simple Inventory System updateprice.php sql injection)

CVE-2024-5101 (SourceCodester Simple Inventory System tableedit.php sql injection)

CVE-2024-5102 (SourceCodester Simple Inventory System updateproduct.php sql injection)

CVE-2024-5103 (Elevation of Privelage via symlinked file in Avast Antivirus)

CVE-2024-5104 (Campcodes Complete Web-Based School Management System student_first_payment.php sql injection)

CVE-2024-5105 (Campcodes Complete Web-Based School Management System student_grade_wise.php sql injection)

CVE-2024-5106 (Campcodes Complete Web-Based School Management System student_payment_details.php sql injection)

CVE-2024-5107 (Campcodes Complete Web-Based School Management System student_payment_details3.php sql injection)

CVE-2024-5108 (Campcodes Complete Web-Based School Management System student_payment_details2.php sql injection)

CVE-2024-5109 (Campcodes Complete Web-Based School Management System student_payment_details4.php sql injection)

CVE-2024-5110 (Campcodes Complete Web-Based School Management System student_payment_history.php sql injection)

CVE-2024-5111 (Campcodes Complete Web-Based School Management System student_payment_invoice.php sql injection)

CVE-2024-5112 (Campcodes Complete Web-Based School Management System student_payment_invoice1.php sql injection)

CVE-2024-5113 (Campcodes Complete Web-Based School Management System student_profile.php sql injection)

CVE-2024-5114 (Campcodes Complete Web-Based School Management System student_profile1.php sql injection)

CVE-2024-5115 (Campcodes Complete Web-Based School Management System teacher_attendance_history1.php sql injection)

CVE-2024-5116 (Campcodes Complete Web-Based School Management System teacher_profile.php sql injection)

CVE-2024-5117 (SourceCodester Online Examination System save.php sql injection)

CVE-2024-5118 (SourceCodester Event Registration System portal.php sql injection)

CVE-2024-5119 (SourceCodester Event Registration System login.php sql injection)

CVE-2024-5120 (SourceCodester Event Registration System sql injection)

CVE-2024-5121 (SourceCodester Event Registration System sql injection)

CVE-2024-5122 (SourceCodester Event Registration System cross site scripting)

CVE-2024-5123 (SourceCodester Event Registration System sql injection)

CVE-2024-5124 (SourceCodester Event Registration System cross site scripting)

CVE-2024-5125 (Timing Attack Vulnerability in gaizhenbiao/chuanhuchatgpt)

CVE-2024-5126 (XSS and Open Redirect via SVG File Upload in parisneo/lollms-webui)

CVE-2024-5127 (Improper Access Control in lunary-ai/lunary)

CVE-2024-5128 (Improper Access Control in lunary-ai/lunary)

CVE-2024-5129 (IDOR Vulnerability in lunary-ai/lunary)

CVE-2024-5130 (Privilege Escalation Vulnerability in lunary-ai/lunary)

CVE-2024-5131 (Incorrect Authorization in lunary-ai/lunary)

CVE-2024-5132 (Improper Access Control in lunary-ai/lunary)

CVE-2024-5133 (Clicca per dettagli)

CVE-2024-5134 (Account Takeover via Exposed Recovery Token in lunary-ai/lunary)

CVE-2024-5135 (SourceCodester Electricity Consumption Monitoring Tool delete-bill.php sql injection)

CVE-2024-5136 (PHPGurukul Directory Management System index.php sql injection)

CVE-2024-5137 (PHPGurukul Directory Management System search-directory.php. cross site scripting)

CVE-2024-5138 (PHPGurukul Directory Management System Searchbar admin-profile.php cross site scripting)

CVE-2024-5141 (Clicca per dettagli)

CVE-2024-5142 (Rotating Tweets (Twitter widget and shortcode) <= 1.9.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode)

CVE-2024-5143 (XSS in Hubshare’s social module)

CVE-2024-5144 (Clicca per dettagli)

CVE-2024-5145 (Clicca per dettagli)

CVE-2024-5146 (SourceCodester Vehicle Management System HTTP POST Request newdriver.php unrestricted upload)

CVE-2024-5147 (Clicca per dettagli)

CVE-2024-5148 (WPZOOM Addons for Elementor (Templates, Widgets) <= 1.1.37 - Unauthenticated Local File Inclusion)

Precedente Successivo