20 matches found
CVE-2023-35817
DevExpress before 23.1.3 allows AsyncDownloader SSRF...
CVE-2023-35816
DevExpress before 23.1.3 allows arbitrary TypeConverter conversion...
PT-2025-18089 · Devexpress · Devexpress
Name of the Vulnerable Software and Affected Versions: DevExpress versions prior to 23.1.3 Description: The issue allows for arbitrary TypeConverter conversion. This could potentially lead to unintended consequences, although specific details about the impact or exploitation of this issue are not...
DevExpress 安全漏洞
DevExpress is a software from the American company DevExpress, Inc. for providing best-in-class UI controls, tools and frameworks for WinForms, ASP.NET, MVC, Blazor, ASP.NET Core, WPF, VCL, Xamarin and JavaScript. A security vulnerability exists in DevExpress versions prior to 23.1.3 that stems...
CVE-2023-35817
DevExpress before 23.1.3 allows AsyncDownloader SSRF...
DevExpress 安全漏洞
DevExpress is a software from the American company DevExpress, Inc. for providing best-in-class UI controls, tools and frameworks for WinForms, ASP.NET, MVC, Blazor, ASP.NET Core, WPF, VCL, Xamarin and JavaScript. A security vulnerability exists in DevExpress versions prior to 23.1.3, which stems...
DevExpress 安全漏洞
DevExpress is a software from the American company DevExpress, Inc. for providing best-in-class UI controls, tools and frameworks for WinForms, ASP.NET, MVC, Blazor, ASP.NET Core, WPF, VCL, Xamarin and JavaScript. A security vulnerability exists in DevExpress versions prior to 23.1.3 that stems...
PT-2024-30448
Name of the Vulnerable Software and Affected Versions Contest Gallery versions prior to 23.1.3 Description The issue is related to the exposure of sensitive information to an unauthorized actor. This affects the Contest Gallery plugin for WordPress, potentially disclosing unauthorized comment use...
Kohya_ss 命令注入漏洞
Kohya is a repository for bmaltais individual developers. A security vulnerability exists in Kohyass versions v22.6.1 through v23.1.3, which stems from a command injection vulnerability in groupimagesgui.py...
CVE-2024-28097
Calendar functionality in Schoolbox application before version 23.1.3 is vulnerable to stored cross-site scripting allowing authenticated attacker to perform security actions in the context of the affected users...
CVE-2024-28096
Class functionality in Schoolbox application before version 23.1.3 is vulnerable to stored cross-site scripting allowing authenticated attacker to perform security actions in the context of the affected users...
Cross site scripting
Class functionality in Schoolbox application before version 23.1.3 is vulnerable to stored cross-site scripting allowing authenticated attacker to perform security actions in the context of the affected users...
CVE-2024-28095 Stored Cross-site Scripting in News functionality in Schoolbox
News functionality in Schoolbox application before version 23.1.3 is vulnerable to stored cross-site scripting allowing authenticated attacker to perform security actions in the context of the affected users...
Schoolbox Cross-Site Scripting Vulnerability
Schoolbox is an online learning platform from Schoolbox Australia. A cross-site scripting vulnerability exists in Schoolbox versions prior to 23.1.3, which stems from a cross-site scripting vulnerability in the Classes feature that would allow an authenticated attacker to perform a secure operati...
Schoolbox SQL Injection Vulnerability
Schoolbox is an online learning platform from Schoolbox Australia. A SQL injection vulnerability exists in Schoolbox versions prior to 23.1.3, which stems from vulnerability to a blind SQL injection attack that allows an authenticated attacker to read, modify, and delete database records...
Schoolbox Cross-Site Scripting Vulnerability
Schoolbox is an online learning platform from Schoolbox Australia. A cross-site scripting vulnerability exists in Schoolbox versions prior to 23.1.3, which stems from a cross-site scripting vulnerability in the News feature that allows an authenticated attacker to perform a secure operation in an...
PT-2024-22264 · Schoolbox · Schoolbox
Name of the Vulnerable Software and Affected Versions: Schoolbox versions prior to 23.1.3 Description: The issue concerns stored cross-site scripting in the calendar functionality, allowing an authenticated attacker to perform security actions in the context of affected users. Recommendations: Fo...
Schoolbox Cross-Site Scripting Vulnerability
Schoolbox is an online learning platform from Schoolbox Australia. A cross-site scripting vulnerability exists in Schoolbox versions prior to 23.1.3, which stems from a cross-site scripting vulnerability in the Calendar feature that allows an authenticated attacker to perform a secure operation i...
PT-2024-22262 · Schoolbox · Schoolbox
Name of the Vulnerable Software and Affected Versions: Schoolbox versions prior to 23.1.3 Description: The issue concerns stored cross-site scripting in the news functionality, allowing an authenticated attacker to perform security actions in the context of affected users. Recommendations: For...
PT-2024-22261 · Schoolbox · Schoolbox
Name of the Vulnerable Software and Affected Versions: Schoolbox versions prior to 23.1.3 Description: The issue concerns a blind SQL Injection vulnerability in the chat functionality of the Schoolbox application. This vulnerability allows authenticated attackers to read, modify, and delete...