Riasztások

A vulnerability was found in Romain Bourdon Wampserver all versions (discovered in v3.2.3 and v3.2.6) where unauthorized users could access sensitive information due to improper access control...

Serviceware Processes 6.0 through 7.3 allows attackers without valid authentication to send a specially crafted HTTP request to a service endpoint resulting in remote code execution.

eLabFTW is an open source electronic lab notebook for research labs. A vulnerability has been found starting in version 4.6.0 and prior to version 5.1.0 that allows an attacker to bypass...

Tuleap is an open source suite to improve management of software developments and collaboration. In Tuleap Community Edition prior to version 16.1.99.50 and Tuleap Enterprise Edition prior to...

The Trix rich text editor, prior to versions 2.1.9 and 1.3.3, is vulnerable to cross-site scripting (XSS) + mutation XSS attacks when pasting malicious code. An attacker could trick a user to copy...

Altair is a GraphQL client for all platforms. Prior to version 8.0.5, Altair GraphQL Client's desktop app does not validate HTTPS certificates allowing a man-in-the-middle to intercept all...

Kashipara E-learning Management System v1.0 is vulnerable to Remote Code Execution via File Upload in /teacher_avatar.php.

A SQL Injection was found in /student_signup.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access...

A SQL Injection vulnerability was found in /admin/edit_teacher.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get...

A SQL Injection was found in /admin/edit_content.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database...