19 matches found
CVE-2026-35240 affecting package mysql for versions less than 8.0.46-1
CVE-2026-35240 affecting package mysql for versions less than 8.0.46-1. An upgraded version of the package is available that resolves this issue...
CVE-2025-39703 affecting package kernel for versions less than 5.15.200.1-1
CVE-2025-39703 affecting package kernel for versions less than 5.15.200.1-1. An upgraded version of the package is available that resolves this issue...
Ethercreative Logs 3.0.3 - Path Traversal
Exploit Title: Ethercreative Logs 3.0.3 - Path Traversal Date: 2022.01.26 Exploit Author: Steffen Rogge, SC Vendor Homepage: https://github.com/ethercreative/logs Software Link: https://plugins.craftcms.com/logs Version: =3.0.4 impact: Medium found: 2021-07-06 SEC Consult Vulnerability Lab An...
PT-2024-34193 · Unknown · Wpsoul Greenshift
Name of the Vulnerable Software and Affected Versions: Wpsoul Greenshift – animation and page builder blocks versions 9.7 and earlier Description: The issue is related to Incorrect Authorization, allowing exploitation due to incorrectly configured access control security levels. Recommendations:...
PT-2024-25549 · Macho Themes · Machothemes Cpo Companion
Name of the Vulnerable Software and Affected Versions: MachoThemes CPO Companion versions 1.1.0 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker ca...
PT-2023-28104 · Unknown · Pandora Fms
Name of the Vulnerable Software and Affected Versions: Pandora FMS versions 700 through 773 Description: The issue is related to Improper Privilege Management, allowing a user to escalate permissions on the system shell. This enables Privilege Escalation. Recommendations: For Pandora FMS versions...
PT-2021-10741 · Unknown · Phpgurukul Hospital Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Hospital Management System in PHP version 4.0 Description: The issue allows remote unauthenticated users to exploit it and obtain user sensitive information due to a sensitive information disclosure vulnerability in multiple areas...
Path Traversal
Overview browserless-chrome is a web-service that allows for remote clients to connect, drive, and execute headless work; all inside of docker. It offers first-class integrations for puppeteer, playwright, selenium's webdriver, and a slew of handy REST APIs for doing more common work. Affected...
PT-2017-12941
Name of the Vulnerable Software and Affected Versions Android versions 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0 Description The issue is related to an elevation of privilege vulnerability in the Android system, specifically in the art component. This could potentially allow for unauthorized acce...
REDDOXX Appliance Undocumented Administrative Service Account Vulnerability
Exploit for jsp platform in category web applications Undocumented Administrative Service Account in REDDOXX Appliance RedTeam Pentesting discovered an undocumented service account in the REDDOXX appliance software, which allows attackers to access the administrative interface of the appliance an...
eGroupWare 1.0 - sitemgr-siteindex.php?category_id Cross-Site Scripting
eGroupWare 1.0 - sitemgr-siteindex.php?category_id Cross-Site Scripting source: https://www.securityfocus.com/bid/13212/info eGroupWare is prone to multiple input validation vulnerabilities. A fixed version is available. The issues arise due to a failure of the application to properly validate...
eGroupWare 1.0 - index.php?cats_app SQL Injection
eGroupWare 1.0 - index.php?cats_app SQL Injection source: https://www.securityfocus.com/bid/13212/info eGroupWare is prone to multiple input validation vulnerabilities. A fixed version is available. The issues arise due to a failure of the application to properly validate user-supplied input. Thes...
eGroupWare 1.0 - ttsindex.php?filter SQL Injection
eGroupWare 1.0 - ttsindex.php?filter SQL Injection source: https://www.securityfocus.com/bid/13212/info eGroupWare is prone to multiple input validation vulnerabilities. A fixed version is available. The issues arise due to a failure of the application to properly validate user-supplied input...
eGroupWare 1.0 - 'index.php?cats_app' SQL Injection
source: https://www.securityfocus.com/bid/13212/info eGroupWare is prone to multiple input validation vulnerabilities. A fixed version is available. The issues arise due to a failure of the application to properly validate user-supplied input. These issues result in cross-site scripting and SQL...
eGroupWare 1.0 - '/tts/index.php?filter' SQL Injection
source: https://www.securityfocus.com/bid/13212/info eGroupWare is prone to multiple input validation vulnerabilities. A fixed version is available. The issues arise due to a failure of the application to properly validate user-supplied input. These issues result in cross-site scripting and SQL...
BadBlue Remote Administrative Interface Access Vulnerability
BadBlue Remote Administrative Access Vulnerability I. Synopsis Affected Systems: BadBlue 1.7 BadBlue 2.0 BadBlue 2.1 BadBlue 2.2 Immune Systems: BadBlue 2.3 NOTE: BadBlue 1.6 and prior may be impacted; these systems were not tested. Risk: High Remote LocalSystem Compromise Vendor URL:...
PTL-2002-03 Betsie XSS Vuln
PenTest Limited www.pentest-limited.com Security Advisory XSS bug in Betsie Announcement date: 1st July 2002 Reference: ptl-2002-03 Advisory Details ---------------- Product: Betsie Vulnerable versions: 1.5.11 and all versions before Vulnerability Type : Input Validation Error Platforms: All...
Perception LiteServe MS-DOS filename vulnerability
Perception LiteServe http://www.cmfperception.com/liteserve.html is a Web, FTP and e-Mail server for Win. When GET requests are made to LiteServe's webserver with the name of the cgi-bin directory as a MS-DOS directory name eg. cgi-shizznitch=CGI-SH1 and cgi-bin=CGI-BIN, LiteServe will read the...
linuxconf.txt
Date: Sat, 22 Aug 1998 20:35:42 -0500 From: Alex Mottram Subject: Security concerns in linuxconf shipped w/RedHat 5.1 There exists a security / DOS problem with linuxconf-1.11.r11-rh3/i386 as upgraded from RedHat's FTP site. No other versions have been tested by me. Both the maintainer of linuxco...