Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In August 2024
CVE-2024-42571
School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at insertattendance.php.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-08-20
CVE-2024-42553
A Cross-Site Request Forgery (CSRF) in the component admin_room_added.php of Hotel Management System commit 91caab8 allows attackers to escalate privileges.
CVSS Score
8.8
EPSS Score
0.001
Published
2024-08-20
CVE-2024-42554
Hotel Management System commit 91caab8 was discovered to contain a SQL injection vulnerability via the room_type parameter at admin_room_added.php.
CVSS Score
8.8
EPSS Score
0.002
Published
2024-08-20
CVE-2024-42555
A Cross-Site Request Forgery (CSRF) in the component admin_room_removed.php of Hotel Management System commit 91caab8 allows attackers to escalate privileges.
CVSS Score
8.8
EPSS Score
0.001
Published
2024-08-20
CVE-2024-42556
Hotel Management System commit 91caab8 was discovered to contain a SQL injection vulnerability via the room_type parameter at admin_room_removed.php.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-08-20
CVE-2024-42557
A Cross-Site Request Forgery (CSRF) in the component admin_modify_room.php of Hotel Management System commit 91caab8 allows attackers to escalate privileges.
CVSS Score
8.8
EPSS Score
0.001
Published
2024-08-20
CVE-2024-42558
Hotel Management System commit 91caab8 was discovered to contain a SQL injection vulnerability via the book_id parameter at admin_modify_room.php.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-08-20
CVE-2024-42560
A cross-site scripting (XSS) vulnerability in the component update_page_details.php of Blood Bank And Donation Management System commit dc9e039 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Page Details parameter.
CVSS Score
6.1
EPSS Score
0.001
Published
2024-08-20
CVE-2024-42561
Pharmacy Management System commit a2efc8 was discovered to contain a SQL injection vulnerability via the invoice_number parameter at sales_report.php.
CVSS Score
8.8
EPSS Score
0.002
Published
2024-08-20
CVE-2024-42335
7Twenty - CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSS Score
5.4
EPSS Score
0.001
Published
2024-08-20


Products
Pricing
Contact Us

Shodan ® - All rights reserved