14 matches found
EUVD-2020-22466
Malware in sbrugna...
EUVD-2024-19961
Malicious code in bioql PyPI...
CVE-2024-22408
Shopware is an open headless commerce platform. The implemented Flow Builder functionality in the Shopware application does not adequately validate the URL used when creating the “call webhook” action. This enables malicious users to perform web requests to internal hosts. This issue has been fix...
CVE-2024-22408
Shopware is an open headless commerce platform. The implemented Flow Builder functionality in the Shopware application does not adequately validate the URL used when creating the “call webhook” action. This enables malicious users to perform web requests to internal hosts. This issue has been fix...
Design/Logic Flaw
Shopware is an open headless commerce platform. The implemented Flow Builder functionality in the Shopware application does not adequately validate the URL used when creating the “call webhook” action. This enables malicious users to perform web requests to internal hosts. This issue has been fix...
CVE-2024-22408 Server-Side Request Forgery (SSRF) in Shopware Flow Builder
Shopware is an open headless commerce platform. The implemented Flow Builder functionality in the Shopware application does not adequately validate the URL used when creating the “call webhook” action. This enables malicious users to perform web requests to internal hosts. This issue has been fix...
CVE-2024-22408 Server-Side Request Forgery (SSRF) in Shopware Flow Builder
Shopware is an open headless commerce platform. The implemented Flow Builder functionality in the Shopware application does not adequately validate the URL used when creating the “call webhook” action. This enables malicious users to perform web requests to internal hosts. This issue has been fix...
Shopware Code Issues Vulnerabilities
Shopware is a suite of open source e-commerce software from German company Shopware. A code issue vulnerability exists in Shopware versions 6.5.7.3 and earlier, which stems from the Flow Builder functionality not being able to adequately validate request URLs, allowing an attacker to perform web...
PT-2024-19398 · Shopware · Shopware
Name of the Vulnerable Software and Affected Versions: Shopware versions prior to 6.5.7.4 Shopware version 6.4 Description: The Flow Builder functionality in the Shopware application does not adequately validate the URL used when creating the “call webhook” action. This enables malicious users to...
Oracle Application Testing Suite Multiple Vulnerabilities (Jan 2020 CPU)
The version of Oracle Application Testing Suite installed on the remote host is affected by multiple vulnerabilities : - Vulnerability in the Oracle Application Testing Suite product of Oracle Enterprise Manager component: Oracle Flow Builder Jython. Supported versions that are affected are...
CVE-2020-2673
Vulnerability in the Oracle Application Testing Suite product of Oracle Enterprise Manager component: Oracle Flow Builder. Supported versions that are affected are 12.5.0.3, 13.1.0.1, 13.2.0.1 and 13.3.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via...
CVE-2020-2673
Vulnerability in the Oracle Application Testing Suite product of Oracle Enterprise Manager component: Oracle Flow Builder. Supported versions that are affected are 12.5.0.3, 13.1.0.1, 13.2.0.1 and 13.3.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via...
CVE-2020-2673
Vulnerability in the Oracle Application Testing Suite product of Oracle Enterprise Manager component: Oracle Flow Builder. Supported versions that are affected are 12.5.0.3, 13.1.0.1, 13.2.0.1 and 13.3.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via...
Oracle Application Testing Suite CVE-2020-2673 Remote Security Vulnerability
Description Oracle Application Testing Suite is prone to a remote security vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. The 'Oracle Flow Builder' component is affected. This vulnerability affects the following supported versions: 12.5.0.3, 13.1.0.1, 13.2.0.1, 13.3.0...