Alerts

kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_teacher.php,

A SQL Injection was found in /admin/delete_event.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database...

Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_department.php.

Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_class.php.

A Directory Listing issue was found in Kashipara E-Learning Management System v1.0, which allows remote attackers to access sensitive files and directories via /admin/uploads.

An issue in the index.js decryptCookie function of cookie-encrypter v1.0.1 allows attackers to execute a bit flipping attack.

A vulnerability was found in OIDC-Client. When using the RH SSO OIDC adapter with EAP 7.x or when using the elytron-oidc-client subsystem with EAP 8.x, authorization code injection attacks can...

unstructured v.0.14.2 and before is vulnerable to XML External Entity (XXE) via the XMLParser.

Winter is a free, open-source content management system (CMS) based on the Laravel PHP framework. Winter CMS prior to versions 1.2.7, 1.1.11, and 1.0.476 allow users with access to the CMS...

Directus is a real-time API and App dashboard for managing SQL database content. Starting in version 11.0.0 and prior to version 11.3.0, when setting `WEBSOCKETS_GRAPHQL_AUTH` or...