Alerts

IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4.0 through 3.2.4.1 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed...

OpenPanel v0.3.4 was discovered to contain an OS command injection vulnerability via the timezone parameter.

macrozheng mall-tiny 1.0.1 suffers from Insecure Permissions. The application's JWT signing keys are hardcoded and do not change. User information is explicitly written into the JWT and used...

A SQL injection vulnerability exists in the front-end of the website in ZZCMS

A Host Header Injection vulnerability exists in CTFd 3.7.5, due to the application failing to properly validate or sanitize the Host header. An attacker can manipulate the Host header in HTTP...

The Python standard library functions `urllib.parse.urlsplit` and `urlparse` accepted domain names that included square brackets which isn't valid according to RFC 3986. Square brackets are...

Dumb Drop is a file upload application. Users with permission to upload to the service are able to exploit a path traversal vulnerability to overwrite arbitrary system files. As the container runs...

A vulnerability was found in needyamin Library Card System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file signup.php of the...

A vulnerability was found in 1000 Projects Employee Task Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/AdminLogin.php. The manipulation...

A vulnerability was found in 1000 Projects Employee Task Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /index.php of the component...