6 matches found
PT-2024-17762 · Emlog Pro · Emlog Pro
Name of the Vulnerable Software and Affected Versions: Emlog Pro versions up to 2.4.1 Description: A problem has been found in Emlog Pro that affects some unknown processing of the file /admin/plugin.php. The manipulation of the argument filter leads to cross site scripting. The attack may be...
@maksym.khudyakov/feature-signup (>=1.0.0-alpha <=1.0.6-alpha), @maksym.khudyakov/feature-todo (>=1.0.0-alpha <=1.0.25-alpha) +20 more potentially affected by CVE-2022-35942 via loopback-connector-postgresql (>=2.4.1 <=3.9.1)
loopback-connector-postgresql NPM version =2.4.1, =1.0.0-alpha, =1.0.0-alpha, =1.0.1, =1.0.0, =1.0.12, =1.0.12, =0.0.13, =0.0.17, =1.0.0, =0.0.2, =0.0.1, =1.0.0, =1.0.1 and more Source cves: CVE-2022-35942 Source advisory: OSV:GHSA-J259-6C58-9M58...
abmarl (>=0.1.1 <=0.1.3), agrothon (>=1.1.5 <=1.3.2) +92 more potentially affected by CVE-2021-29569 via tensorflow (>=2.4.0 <=2.4.1)
tensorflow PYPI version =2.4.0, =0.1.1, =1.1.5, =2.1.0, =0.0.1, =0.0.6, =0.1.0, =1.4.0, =1.2.2, =20210221.0.0, =0.7.2, =0.0.0, =0.0.0.post0 and more Source cves: CVE-2021-29569 Source advisory: OSV:GHSA-3H8M-483J-7XXM...
PT-2021-2186 · Adobe · Magento
Name of the Vulnerable Software and Affected Versions: Magento versions 2.4.1 and earlier Magento versions 2.4.0-p1 and earlier Magento versions 2.3.6 and earlier Description: The issue is related to an access control bypass vulnerability in the Login as Customer module. Successful exploitation...
PT-2021-2185 · Adobe · Magento
Name of the Vulnerable Software and Affected Versions: Magento versions 2.4.1 and earlier Magento versions 2.4.0-p1 and earlier Magento versions 2.3.6 and earlier Description: The issue is related to XML injection in the Widgets module of Magento. Successful exploitation could lead to arbitrary...
Quixplorer Input Validation Error Vulnerability
QuiXplorer is a web-based file manager that supports document uploading, downloading, searching, editing and more. Quixplorer has an input validation error vulnerability in version 2.4.1 and earlier, which originates from a cross-site scripting attack caused by improper user-supplied input...