Security Vulnerabilities - CVEs Published In August 2024
Under certain circumstances the ExacqVision Web Services does not provide sufficient protection from untrusted domains.
CVSS Score
6.8
EPSS Score
0.002
Published
2024-08-01
Under certain circumstances the exacqVision Server will not properly validate TLS certificates provided by connected devices.
CVSS Score
6.4
EPSS Score
0.001
Published
2024-08-01
A vulnerability was found in SourceCodester Tracking Monitoring Management System 1.0. It has been classified as critical. This affects an unknown part of the file /ajax.php?action=login of the component Login. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273345 was assigned to this vulnerability.
CVSS Score
7.3
EPSS Score
0.001
Published
2024-08-01
A vulnerability, which was classified as problematic, was found in SourceCodester Simple Realtime Quiz System 1.0. This affects an unknown part of the file /ajax.php?action=save_user. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-273351.
CVSS Score
4.3
EPSS Score
0.001
Published
2024-08-01
Use of insecure hashing algorithm in the Gravatar's service in Navidrome v0.52.3 allows attackers to manipulate a user's account information.
CVSS Score
9.1
EPSS Score
0.001
Published
2024-08-01
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in CridioStudio ListingPro allows PHP Local File Inclusion.This issue affects ListingPro: from n/a through 2.9.3.
CVSS Score
8.0
EPSS Score
0.008
Published
2024-08-01
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in CridioStudio ListingPro allows PHP Local File Inclusion.This issue affects ListingPro: from n/a through 2.9.3.
CVSS Score
8.5
EPSS Score
0.016
Published
2024-08-01
Server-Side Request Forgery (SSRF) vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot allows Server Side Request Forgery.This issue affects AI Engine: ChatGPT Chatbot: from n/a through 2.4.7.
CVSS Score
4.9
EPSS Score
0.004
Published
2024-08-01
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in CridioStudio ListingPro allows PHP Local File Inclusion.This issue affects ListingPro: from n/a through 2.9.3.
CVSS Score
9.0
EPSS Score
0.016
Published
2024-08-01
Under certain circumstances exacqVision Web Services will not enforce secure web communications (HTTPS)
CVSS Score
6.4
EPSS Score
0.002
Published
2024-08-01