32 matches found
Exploit for Authentication Bypass by Primary Weakness in Crushftp
CVE-2025-31161 is a critical severity vulnerability allowing att...
CVE-2025-36625 Log Poisoning in Nessus
In Nessus versions prior to 10.8.4, a non-authenticated attacker could alter Nessus logging entries by manipulating HTTP requests to the application...
[R1] Nessus Version 10.8.4 Fixes Multiple Vulnerabilities
[R1] Nessus Version 10.8.4 Fixes Multiple Vulnerabilities. Arnie Cabral, Thu, 04/17/2025 - 11:58. Nessus leverages third-party software to help provide underlying functionality. Several of the third-party components (libxml2, expat) were found to contain vulnerabilities, and updated versions have been...
CrushFTP Security Vulnerability
CrushFTP is a file transfer server from CrushFTP, Inc. A security vulnerability exists in CrushFTP version 10.x prior to 10.8.4 and version 11.x prior to 11.3.1, which stems from an authentication bypass vulnerability that could lead to account takeover...
PT-2024-26383 · Umbraco · Umbraco Cms
Name of the Vulnerable Software and Affected Versions: Umbraco CMS versions prior to 8.18.13; Umbraco CMS versions prior to 10.8.4; Umbraco CMS versions prior to 12.3.7; Umbraco CMS versions prior to 13.1.1. Description: The issue is a stored cross-site scripting (XSS) vulnerability that allows attacke...
Umbraco Security Vulnerability
Umbraco is an open source content management system (CMS) written in C# from Umbraco, Denmark. A security vulnerability exists in Umbraco versions prior to 10.8.4, which stems from vulnerability to user enumeration attacks...
MariaDB DoS Vulnerability (CVE-2023-5157) - Linux
MariaDB is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mariadb:mariadb"; if...
RosarioSIS 10.8.4 CSV Injection
Exploit Title: RosarioSIS 10.8.4 - CSV Injection Google Dork:NA Exploit Author: Ranjeet Jaiswal Vendor Homepage: https://www.rosariosis.org/ Software Link: https://gitlab.com/francoisjacquet/rosariosis/-/archive/v10.8.4/rosariosis-v10.8.4.zip Affected Version: 10.8.4 Category: WebApps Tested on:...
RosarioSIS vulnerable to CSV Injection
RosarioSIS 10.8.4 is vulnerable to CSV injection via the Periods Module...
CVE-2023-29918
RosarioSIS 10.8.4 is vulnerable to CSV injection via the Periods Module...
Input validation
RosarioSIS 10.8.4 is vulnerable to CSV injection via the Periods Module...
PT-2023-22475 · Unknown · Rosariosis
Name of the Vulnerable Software and Affected Versions: RosarioSIS version 10.8.4. Description: The issue concerns a CSV injection vulnerability via the Periods Module. Recommendations: For RosarioSIS version 10.8.4, consider disabling access to the Periods Module until a patch is available. At the...
CVE-2023-29918
CVE-2023-29918 affects RosarioSIS 10.8.4, with a CSV injection vulnerability in the Periods Module. Root cause: CSV injection in a module used for reporting/exports. Impact as per CVSS: Confidentiality and Integrity Low, Availability None; Attack Vector Network, User Interaction Required, Privile...
RosarioSIS Security Vulnerability
RosarioSIS is a free and open source student information system. It is used to manage students, create reports and make the right decisions. A security vulnerability exists in RosarioSIS version 10.8.4 that stems from a CSV injection in the Periods Module...
MariaDB DoS Vulnerability (MDEV-28719) - Windows
MariaDB is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mariadb:mariadb"; if...
MariaDB DoS Vulnerability (MDEV-28719) - Linux
MariaDB is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mariadb:mariadb"; if...
MariaDB DoS Vulnerability (MDEV-26431, MDEV-23809) - Linux
MariaDB is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mariadb:mariadb"; if...
MariaDB DoS Vulnerability (MDEV-26410, MDEV-22001) - Windows
MariaDB is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mariadb:mariadb"; if...
CVE-2021-20631
Improper input validation vulnerability in Custom App of Cybozu Office 10.0.0 to 10.8.4 allows authenticated attacker to alter the data of Custom App via unspecified vectors...