CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32929
https://notcve.org/view.php?id=CVE-2024-32929
This could lead to local escalation of privilege with no additional execution privileges needed. ... Esto podría conducir a una escalada local de privilegios sin necesidad de permisos de ejecución adicionales. • https://source.android.com/security/bulletin/pixel/2024-05-01 • CWE-416: Use After Free •
CVSS: 6.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-37859 – Lost And Found Information System 1.0 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2024-37859
Cross Site Scripting vulnerability in Lost and Found Information System 1.0 allows a remote attacker to escalate privileges via the page parameter to php-lfis/admin/index.php. • http://lost.com https://packetstormsecurity.com/files/179081/Lost-And-Found-Information-System-1.0-Cross-Site-Scripting.html https://www.sourcecodester.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-37857 – Lost And Found Information System 1.0 SQL Injection
https://notcve.org/view.php?id=CVE-2024-37857
SQL Injection vulnerability in Lost and Found Information System 1.0 allows a remote attacker to escalate privileges via id parameter to php-lfis/admin/categories/view_category.php. • http://lost.com https://packetstormsecurity.com/files/179080/Lost-And-Found-Information-System-1.0-SQL-Injection.html https://www.sourcecodester.com • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-37858 – Lost And Found Information System 1.0 SQL Injection
https://notcve.org/view.php?id=CVE-2024-37858
SQL Injection vulnerability in Lost and Found Information System 1.0 allows a remote attacker to escalate privileges via the id parameter to php-lfis/admin/categories/manage_category.php. • http://lost.com https://packetstormsecurity.com/files/179079/Lost-And-Found-Information-System-1.0-SQL-Injection.html https://www.sourcecodester.com • CWE-269: Improper Privilege Management •
CVSS: 5.4EPSS: 0%CPEs: -EXPL: 0CVE-2024-37856 – Lost And Found Information System 1.0 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2024-37856
Cross Site Scripting vulnerability in Lost and Found Information System 1.0 allows a remote attacker to escalate privileges via the first, last, middle name fields in the User Profile page. • http://lost.com https://packetstormsecurity.com/files/179078/Lost-And-Found-Information-System-1.0-Cross-Site-Scripting.html https://www.sourcecodester.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •