Magánszemélyeknek

Inadequate validation of URLs could result into an invalid check whether an redirect URL is internal or not..

The pagination class includes arbitrary parameters in links, leading to cache poisoning attack vectors.

The mail template feature lacks an escaping mechanism, causing XSS vectors in multiple extensions.

Improper Access Controls allows backend users to overwrite their username when disallowed.

The stripImages and stripIframes methods didn't properly process inputs, leading to XSS vectors.

SeaCMS 13.0 has a remote code execution vulnerability. The reason for this vulnerability is that although admin_editplayer.php imposes restrictions on edited files, attackers can still bypass these...

eScan Management Console 14.0.1400.2281 is vulnerable to Incorrect Access Control via acteScanAVReport.

Discourse Placeholder Forms will let you build dynamic documentation. Unsanitized and stored user input was injected in the html of the post. The vulnerability is fixed in commit...

This High severity RCE (Remote Code Execution) vulnerability CVE-2024-21689 was introduced in versions 9.1.0, 9.2.0, 9.3.0, 9.4.0, 9.5.0, and 9.6.0 of Bamboo Data Center and Server. This RCE...

Least privilege violation and reliance on untrusted inputs in the mk_informix Checkmk agent plugin before Checkmk 2.3.0p12, 2.2.0p32, 2.1.0p47 and 2.0.0 (EOL) allows local users to escalate...