
119 matches found

ATTACKERKB
added 2023/11/29 8:15 p.m. · 0 views

CVE-2023-48949

An issue in the boxadd function in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement...

7.5 CVSS · 7.1 AI score · 0.00067 EPSS
Exploits 1 · References 2
Positive Technologies
added 2023/11/29 12:0 a.m. · 3 views

PT-2023-8881 · Openlink +2 · Virtuoso-Opensource +2

Name of the Vulnerable Software and Affected Versions: openlink virtuoso-opensource version 7.2.11 Description: The issue is related to the box add function in the virtuoso-opensource platform, which allows attackers to cause a Denial of Service (DoS) after running a SELECT statement. This is due t...

8.8 CVSS · 6.8 AI score · 0.00091 EPSS
Exploits 3 · References 14
NVD
added 2023/11/14 7:15 a.m. · 8 views

CVE-2023-6109

The YOP Poll plugin for WordPress is vulnerable to a race condition in all versions up to, and including, 6.5.26. This is due to improper restrictions on the add function. This makes it possible for unauthenticated attackers to place multiple votes on a single poll even when the poll is set to on...

5.3 CVSS · 0.00251 EPSS
Exploits 0 · References 2
CNNVD
added 2023/11/14 12:0 a.m. · 1 view

WordPress Plugin YOP Poll Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...

5.3 CVSS · 6.8 AI score · 0.00251 EPSS
Exploits 0 · References 3
OSV
added 2023/08/22 7:16 p.m. · 1 view

AZL-28594 CVE-2020-22218 affecting package libssh2 for versions less than 1.9.0-3

An issue was discovered in function _libssh2_packet_add in libssh2 1.10.0 allows attackers to access out of bounds memory...

7.5 CVSS · 6.7 AI score · 0.00078 EPSS
Exploits 0 · References 1
OSV
added 2023/08/22 7:16 p.m. · 1 view

DEBIAN-CVE-2020-22218

An issue was discovered in function _libssh2_packet_add in libssh2 1.10.0 allows attackers to access out of bounds memory...

7.5 CVSS · 7.6 AI score · 0.00078 EPSS
Exploits 0 · References 1
OSV
added 2023/07/20 5:15 p.m. · 1 view

CVE-2023-3790

A vulnerability has been found in Boom CMS 8.0.7 and classified as problematic. Affected by this vulnerability is the function add of the component assets-manager. The manipulation of the argument title/description leads to cross site scripting. The attack can be launched remotely. The exploit ha...

5.4 CVSS · 3.7 AI score · 0.00096 EPSS
Exploits 1 · References 4
OSV
added 2023/07/03 9:15 p.m. · 1 view

CVE-2023-36162

Cross Site Request Forgery vulnerability in ZZCMS v.2023 and earlier allows a remote attacker to gain privileges via the add function in adminlist.php...

8.8 CVSS · 5.9 AI score · 0.00393 EPSS
Exploits 1 · References 3
Positive Technologies
added 2023/07/03 12:0 a.m. · 9 views

PT-2023-25462 · Zzcms · Zzcms

Name of the Vulnerable Software and Affected Versions: ZZCMS versions 2023 and earlier Description: The issue allows a remote attacker to gain privileges via the add function in adminlist.php. This is a Cross Site Request Forgery vulnerability. Recommendations: For ZZCMS versions 2023 and earlier...

8.8 CVSS · 8.7 AI score · 0.00393 EPSS
Exploits 1 · References 6
Positive Technologies
added 2023/05/09 12:0 a.m. · 6 views

PT-2025-26012 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to the block layer and the blk-rq-qos framework. The issue occurs when the io.cost.qos file is written by two CPUs...

8.8 CVSS · 7.3 AI score · 0.0282 EPSS
Exploits 33 · References 926
CNNVD
added 2023/03/23 12:0 a.m. · 2 views

XunRuiCMS Security Vulnerability

XunRuiCMS is an open source content management system (CMS) from the Chinese company XunRuiCloud Software Development. A security vulnerability exists in XunRuiCMS v4.3.3 to v4.5.1; the vulnerability stems from the existence of PHP file write and file...

7.2 CVSS · 7.4 AI score · 0.00529 EPSS
Exploits 1 · References 2
CNNVD
added 2023/01/26 12:0 a.m. · 1 view

Vagrant Security Vulnerability

Vagrant is a command line utility for managing the lifecycle of virtual machines. Isolates dependencies and their configurations in a single disposable and consistent environment. Vagrant has a security vulnerability that stems from the boxAdd function not being cleaned up correctly...

9.8 CVSS · 8.2 AI score · 0.00727 EPSS
Exploits 0 · References 2
Code423n4
added 2022/12/19 12:0 a.m. · 10 views

Possible Reentrancy Vulnerability

Lines of code Vulnerability details Impact In Add function, in case of non Eth Base Token, LP Tokens are minted for LP Provider before transferring the Base Token from Provider to Contract. In remove function, Fractional Tokens are Transferred to LP Provider before Burning the LP Token. In wrap...

6.9 AI score
Exploits 0
Code423n4
added 2022/12/19 12:0 a.m. · 6 views

there is no max value for min lp in add function

Lines of code Vulnerability details Impact breaking logic, ... Proof of Concept there is no check Tools Used Recommended Mitigation Steps add checks to ensure min lp amt is have max

6.9 AI score
Exploits 0
Code423n4
added 2022/12/19 12:0 a.m. · 7 views

in add function forgot to add not zero for minimum lp

Lines of code Vulnerability details Impact problems in the calculation of the system Proof of Concept requirebaseTokenAmount 0 && fractionalTokenAmount 0, "Input token amount is zero"; Tools Used manually Recommended Mitigation Steps add checks like basetoken

6.9 AI score
Exploits 0
OSV
added 2022/11/28 9:15 p.m. · 0 views

CVE-2022-44937

Bosscms v2.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Add function under the Administrator List module...

6.5 CVSS · 5.8 AI score
Exploits 0 · References 1
CVE
added 2022/11/28 12:0 a.m. · 43 views

CVE-2022-44937

Bosscms v2.0.0 is affected by a Cross-Site Request Forgery (CSRF) in the Add function of the Administrator List module. The issue, documented across multiple sources, indicates that an unauthorized action could be performed by an authenticated user if CSRF protections are not enforced. The CVE is...

6.5 CVSS · 6.6 AI score · 0.00101 EPSS
Exploits 1 · References 1 · Affected Software 1
CNNVD
added 2022/11/28 12:0 a.m. · 2 views

BossCMS Cross-Site Request Forgery Vulnerability

Wenzhou Huoyin Information Technology BossCMS is a content management system based on MySQL architecture of self-developed PHP framework by Wenzhou Huoyin Information Technology. A security vulnerability exists in BossCMS v2.0.0, which was discovered through the add function under the administrat...

6.5 CVSS · 6.3 AI score · 0.00101 EPSS
Exploits 1 · References 2
OSV
added 2022/11/14 4:15 p.m. · 2 views

CVE-2022-43342

A stored cross-site scripting (XSS) vulnerability in the Add function of Eramba GRC Software c2.8.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the KPI Title text field...

5.4 CVSS · 5.9 AI score
Exploits 0 · References 2
Prion
added 2022/11/14 4:15 p.m. · 9 views

Cross site scripting

A stored cross-site scripting (XSS) vulnerability in the Add function of Eramba GRC Software c2.8.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the KPI Title text field...

4.9 CVSS · 5.3 AI score · 0.00589 EPSS
Exploits 1 · References 2 · Affected Software 1