6 matches found
EUVD-2022-44064
Malicious code in bioql PyPI...
SUSE CVE-2010-4569
Cross-site scripting (XSS) vulnerability in Bugzilla 3.7.1, 3.7.2, 3.7.3, and 4.0rc1 allows remote attackers to inject arbitrary web script or HTML via the real name field of a user account, related to the AutoComplete widget in YUI...
CVE-2022-40798
OcoMon 4.0RC1 is vulnerable to Incorrect Access Control. Through a request, the user can obtain the real email; by sending the same request with the correct email, account takeover is possible...
Design/Logic Flaw
OcoMon 4.0RC1 is vulnerable to Incorrect Access Control. Through a request, the user can obtain the real email; by sending the same request with the correct email, account takeover is possible...
CVE-2022-40798
OcoMon 4.0RC1 is vulnerable to Incorrect Access Control. Through a request, the user can obtain the real email; by sending the same request with the correct email, account takeover is possible...
CVE-2022-40798
OcoMon 4.0RC1 is affected by an Incorrect Access Control vulnerability. An attacker can retrieve the real email via a crafted request, and by repeating the request with the correct email may achieve account takeover. Affected product/version: OcoMon 4.0RC1. Root cause stated: improper access cont...