Security Vulnerabilities - CVEs Published In August 2024
Keyfactor AWS Orchestrator through 2.0 allows Information Disclosure.
CVSS Score
7.5
EPSS Score
0.005
Published
2024-08-20
Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/submit_page.php.
CVSS Score
8.8
EPSS Score
0.002
Published
2024-08-20
An URL redirection to untrusted site (open redirect) vulnerability affecting 3DPassport in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to redirect users to an arbitrary website via a crafted URL.
CVSS Score
8.1
EPSS Score
0.003
Published
2024-08-20
Keyfactor Command 10.5.x before 10.5.1 and 11.5.x before 11.5.1 allows SQL Injection which could result in information disclosure.
CVSS Score
7.5
EPSS Score
0.006
Published
2024-08-20
A Cross-Site Request Forgery (CSRF) in the component delete_user.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges.
CVSS Score
8.8
EPSS Score
0.002
Published
2024-08-20
A Cross-Site Request Forgery (CSRF) in the component delete_product.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges.
CVSS Score
8.8
EPSS Score
0.003
Published
2024-08-20
A Cross-Site Request Forgery (CSRF) in the component delete_media.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges.
CVSS Score
8.8
EPSS Score
0.002
Published
2024-08-20
A Cross-Site Request Forgery (CSRF) in the component categorie.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges.
CVSS Score
8.8
EPSS Score
0.003
Published
2024-08-20
School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at unitmarks.php.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-08-20
School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at dtmarks.php.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-08-20