PT-2026-30917
Name of the Vulnerable Software and Affected Versions: OpenIdentityPlatform OpenAM versions prior to 16.0.6 Description: OpenIdentityPlatform OpenAM is susceptible to pre-authentication Remote Code Execution (RCE) due to unsafe Java deserialization of the jato.clientSession HTTP parameter. This...
CVE-2025-67736
The FreePBX module tts (Text to Speech) for FreePBX, an open-source web-based graphical user interface (GUI) that manages Asterisk. Versions prior to 16.0.5 and 17.0.5 are vulnerable to SQL injection by authenticated users with administrator access. Authenticated users with administrative access to t...
CVE-2025-67736 Authenticated SQL Injection in FreePBX tts (Text To Speech) module
The FreePBX module tts (Text to Speech) for FreePBX, an open-source web-based graphical user interface (GUI) that manages Asterisk. Versions prior to 16.0.5 and 17.0.5 are vulnerable to SQL injection by authenticated users with administrator access. Authenticated users with administrative access to t...
PT-2025-51353
Name of the Vulnerable Software and Affected Versions: FreePBX tts module versions prior to 16.0.5; FreePBX tts module versions prior to 17.0.5 Description: The Text to Speech (tts) module for FreePBX, a web-based graphical user interface for Asterisk, contains a SQL injection flaw. Authenticated user...
EUVD-2023-2712
Malicious code in bioql PyPI...
CVE-2023-5842 Cross-site Scripting (XSS) - Stored in dolibarr/dolibarr
Cross-site Scripting (XSS) - Stored in GitHub repository dolibarr/dolibarr prior to 16.0.5...
Dolibarr Cross-Site Scripting Vulnerability
Dolibarr is a modern software package that helps manage your organization's activities. A cross-site scripting vulnerability exists in Dolibarr versions prior to 16.0.5, which stems from the presence of a stored cross-site scripting (XSS) vulnerability...
PT-2023-32373 · Dolibarr · Dolibarr
Name of the Vulnerable Software and Affected Versions: dolibarr/dolibarr versions prior to 16.0.5 Description: The issue is related to Cross-site Scripting (XSS) - Stored. This means that an attacker can inject malicious scripts into the website, which will be executed by other users' browsers. The...
PT-2023-23114 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab EE versions 16.0 through 16.0.5; GitLab EE versions 16.1 through 16.1.0 Description: A sensitive information leak issue has been discovered, allowing access to titles of private issues and merge requests. Recommendations: For GitLab EE...
UBUNTU-CVE-2023-3424
An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.3 before 15.11.10, all versions starting from 16.0 before 16.0.6, all versions starting from 16.1 before 16.1.1. A Regular Expression Denial of Service was possible via sending crafted payloads to the...
UBUNTU-CVE-2023-3363
An information disclosure issue in GitLab CE/EE affecting all versions from 13.6 prior to 15.11.10, all versions from 16.0 prior to 16.0.6, all versions from 16.1 prior to 16.1.1, resulted in the Sidekiq log including webhook tokens when the log format was set to default...
PT-2023-24393 · Dolibarr · Dolibarr
Name of the Vulnerable Software and Affected Versions: Dolibarr versions 16.0.0 through 16.0.4 Description: An issue in Dolibarr allows unauthenticated attackers to perform a database dump and access a company's entire customer file, prospects, suppliers, and employee information if a contact fil...
CVE-2021-41242
OpenOlat is a web-based learning management system. A path traversal vulnerability exists in OpenOlat prior to versions 15.5.12 and 16.0.5. By providing a filename that contains a relative path as a parameter in some REST methods, it is possible to create directory structures and write files...
Path traversal
OpenOlat is a web-based learning management system. A path traversal vulnerability exists in OpenOlat prior to versions 15.5.12 and 16.0.5. By providing a filename that contains a relative path as a parameter in some REST methods, it is possible to create directory structures and write files...
CVE-2021-41242 Path Traversal in some REST methods leading to file upload to arbitrary places
OpenOlat is a web-based learning management system. A path traversal vulnerability exists in OpenOlat prior to versions 15.5.12 and 16.0.5. By providing a filename that contains a relative path as a parameter in some REST methods, it is possible to create directory structures and write files...
OpenOLAT Path Traversal Vulnerability
OpenOLAT is a web-based e-learning platform for teaching, learning, assessing and communicating with an LMS, a learning management system. A security vulnerability exists in versions of OpenOlat prior to 15.5.12 and 16.0.5, which stems from the fact that by providing a file name containing a...
PT-2021-23207 · Openolat · Openolat
Name of the Vulnerable Software and Affected Versions: OpenOlat versions prior to 15.5.12 and 16.0.5 Description: A path traversal issue exists in OpenOlat, allowing an attacker to create directory structures and write files anywhere on the target system by providing a filename with a relative pa...
Siemens Tecnomatix Plant Simulation Security Vulnerability
Siemens Tecnomatix Plant Simulation is an industrial control device from Siemens, Germany. It uses the power of discrete-event simulation to analyze and optimize throughput and thereby improve manufacturing system performance. A security vulnerability exists in Tecnomatix Plant Simulation. The...