2495 matches found

Prion
added 2022/07/29 4:15 p.m., 19 views

Improper access control

A vulnerability, which was classified as critical, has been found in SourceCodester Garage Management System 1.0. This issue affects some unknown processing of the file /phpaction/createUser.php. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit...

CVSS 7.5 | AI score 9.5 | EPSS 0.00578
Exploits: 1 | References: 2 | Affected Software: 1

Prion
added 2022/07/22 5:15 p.m., 9 views

Sql injection

A vulnerability classified as critical has been found in Itech Movie Portal Script 7.36. This affects an unknown part of the file /movie.php. The manipulation of the argument f leads to sql injection Union. It is possible to initiate the attack remotely. The exploit has been disclosed to the publ...

CVSS 7.5 | AI score 9.6 | EPSS 0.00719
Exploits: 1 | References: 2 | Affected Software: 1

NVD
added 2022/07/21 4:15 a.m., 21 views

CVE-2022-20858

Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request forgery attack. For more information about these vulnerabilities, see the Details section of this...

CVSS 9.8 | EPSS 0.01156
Exploits: 0 | References: 1

NVD
added 2022/07/20 12:15 p.m., 17 views

CVE-2022-2486

A vulnerability, which was classified as critical, was found in WAVLINK WN535K2 and WN535K3. This affects an unknown part of the file /cgi-bin/mesh.cgi?page=upgrade. The manipulation of the argument key leads to os command injection. The exploit has been disclosed to the public and may be used...

CVSS 9.8 | EPSS 0.2605
Exploits: 1 | References: 2

Fedora
added 2022/07/17 1:15 a.m., 15 views

[SECURITY] Fedora 35 Update: golang-github-mrunalp-fileutils-0.5.0-5.fc35

Collection of utilities for file manipulation in Go...

CVSS 9.3 | AI score 8.2 | EPSS 0.05994
Exploits: 4

NVD
added 2022/07/16 7:15 a.m., 35 views

CVE-2017-20137

A vulnerability was found in Itech B2B Script 4.28. It has been rated as critical. This issue affects some unknown processing of the file /catcompany.php. The manipulation of the argument token with the input 704667c6a1e7ce56d3d6fa748ab6d9af3fd7' AND 6539=6539 AND 'Fakj'='Fakj leads to sql...

CVSS 7.5 | EPSS 0.00614
Exploits: 0 | References: 2

Prion
added 2022/07/16 7:15 a.m., 13 views

Sql injection

A vulnerability was found in Itech B2B Script 4.28. It has been rated as critical. This issue affects some unknown processing of the file /catcompany.php. The manipulation of the argument token with the input 704667c6a1e7ce56d3d6fa748ab6d9af3fd7' AND 6539=6539 AND 'Fakj'='Fakj leads to sql...

CVSS 5 | AI score 7.9 | EPSS 0.00614
Exploits: 0 | References: 2 | Affected Software: 1

NVD
added 2022/07/15 6:15 a.m., 14 views

CVE-2022-2420

A vulnerability was found in URVE Web Manager. It has been rated as critical. This issue affects some unknown processing of the file internal/uploader.php. The manipulation leads to unrestricted upload. The attack needs to be approached within the local network. The exploit has been disclosed to...

CVSS 8 | EPSS 0.01047
Exploits: 1 | References: 2

Prion
added 2022/07/15 6:15 a.m., 17 views

Design/Logic Flaw

A vulnerability was found in URVE Web Manager. It has been classified as critical. This affects an unknown part of the file kreator.html5/imgupload.php. The manipulation leads to unrestricted upload. Access to the local network is required for this attack. The exploit has been disclosed to the...

CVSS 5.2 | AI score 7.8 | EPSS 0.01069
Exploits: 1 | References: 2

NVD
added 2022/07/12 5:15 p.m., 24 views

CVE-2022-2363

A vulnerability, which was classified as problematic, has been found in SourceCodester Simple Parking Management System 1.0. Affected by this issue is some unknown functionality of the file /cispms/admin/search/searching/. The manipulation of the argument search with the input "alert"XSS" leads t...

CVSS 4.6 | EPSS 0.00511
Exploits: 0 | References: 2

OpenVAS
added 2022/07/06 12:0 a.m., 14 views

Fedora: Security Advisory for golang-github-mrunalp-fileutils (FEDORA-2022-fae3ecee19)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 9.3 | AI score 8.9 | EPSS 0.05994
Exploits: 4 | References: 2

GithubExploit
added 2022/07/04 6:31 a.m., 461 views

Exploit for Missing Authentication for Critical Function in F5 Big-Ip_Access_Policy_Manager

CVE-2022-1388 Impact This vulnerability may allow an unauth...

CVSS 9.8 | AI score 10 | EPSS 0.99956
Exploits: 63

Fedora
added 2022/07/04 1:35 a.m., 16 views

[SECURITY] Fedora 36 Update: golang-github-mrunalp-fileutils-0.5.0-5.fc36

Collection of utilities for file manipulation in Go...

CVSS 9.3 | AI score 8.2 | EPSS 0.05994
Exploits: 4

NVD
added 2022/06/30 5:15 a.m., 16 views

CVE-2017-20125

A vulnerability classified as critical was found in Online Hotel Booking System Pro 1.2. Affected by this vulnerability is an unknown functionality of the file /roomtype-details.php. The manipulation of the argument tid leads to sql injection. The attack can be launched remotely. The exploit has...

CVSS 9.8 | EPSS 0.01095
Exploits: 1 | References: 2

Vulnrichment
added 2022/06/29 4:15 p.m., 6 views

CVE-2017-20117 TrueConf Server group DOM cross site scripting

A vulnerability was found in TrueConf Server 4.3.7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/group. The manipulation leads to basic cross site scripting DOM. The attack can be launched remotely. The exploit has been disclos...

CVSS 3.5 | AI score 6.4 | EPSS 0.00577
Exploits: 1 | References: 2

Vulnrichment
added 2022/06/27 1:25 p.m., 6 views

CVE-2017-20101 ProjectSend information disclosure

A vulnerability, which was classified as problematic, was found in ProjectSend r754. This affects an unknown part of the file process.php?do=zipdownload. The manipulation of the argument client/file leads to information disclosure. It is possible to initiate the attack remotely...

CVSS 3.5 | AI score 6.8 | EPSS 0.01038
Exploits: 1 | References: 3

CNVD
added 2022/06/22 12:0 a.m., 6 views

Schneider Electric IGSS Data Server Access Control Error Vulnerability (CNVD-2023-38195)

The Schneider Electric IGSS Data Server is a data server for the interactive graphical Scada system from Schneider Electric, France. An Access Control Error vulnerability exists in Schneider Electric IGSS Data Server versions prior to 15.0.0.22140, which stems from the application's lack of...

CVSS 9.1 | AI score 7.1 | EPSS 0.0047
Exploits: 0 | References: 1

NVD
added 2022/06/21 6:15 a.m., 23 views

CVE-2017-20077

A vulnerability was found in Hindu Matrimonial Script. It has been rated as critical. This issue affects some unknown processing of the file /admin/successstory.php. The manipulation leads to improper privilege management. The attack may be initiated remotely. The exploit has been disclosed to th...

CVSS 8.8 | EPSS 0.00778
Exploits: 1 | References: 2

Prion
added 2022/06/21 6:15 a.m., 20 views

Design/Logic Flaw

A vulnerability was found in Hindu Matrimonial Script. It has been rated as critical. This issue affects some unknown processing of the file /admin/successstory.php. The manipulation leads to improper privilege management. The attack may be initiated remotely. The exploit has been disclosed to th...

CVSS 6.5 | AI score 8.7 | EPSS 0.00778
Exploits: 1 | References: 2

Cvelist
added 2022/06/14 10:30 p.m., 23 views

CVE-2022-32240

When a user opens manipulated Jupiter Tesselation .jt, JTReader.x3d files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application...

AI score 5.7 | EPSS 0.00543
Exploits: 0 | References: 2