[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

256040

 
 

909

 
 

199103

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 254275 Download | Alert*

RainbowFish PacsOne Server 6.8.4 allows XSS.

RainbowFish PacsOne Server 6.8.4 allows SQL injection on the username parameter in the signup page.

yaws_config.erl in Yaws through 2.0.2 and/or 2.0.7 loads obsolete TLS ciphers, as demonstrated by ones that allow Sweet32 attacks, if running on an Erlang/OTP virtual machine with a version less than 21.0.

An issue was discovered in Alfresco Enterprise Content Management (ECM) before 6.2.1. A user with privileges to edit a FreeMarker template (e.g., a webscript) may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running Alfresco.

Veritas APTARE versions prior to 10.4 included code that bypassed the normal login process when specific authentication credentials were provided to the server.

Veritas APTARE versions prior to 10.4 did not perform adequate authorization checks. An authenticated user could gain unauthorized access to sensitive information or functionality by manipulating specific parameters within the application.

Veritas APTARE versions prior to 10.4 allowed remote users to access several unintended files on the server. This vulnerability only impacts Windows server deployments.

Veritas APTARE versions prior to 10.4 allowed sensitive information to be accessible without authentication.

Digi ConnectPort X2e before 3.2.30.6 allows an attacker to escalate privileges from the python user to root via a symlink attack that uses chown, related to /etc/init.d/S50dropbear.sh and the /WEB/python/.ssh directory.

Submitty through 20.04.01 allows XSS via upload of an SVG document, as demonstrated by an attack by a Student against a Teaching Fellow.


Pages:      Start    13662    13663    13664    13665    13666    13667    13668    13669    13670    13671    13672    13673    13674    13675    ..   25427

© SecPod Technologies