6680 matches found

Vulnrichment
added 2024/08/28 6:28 a.m. · 11 views

CVE-2021-38120 Remote Code Execution using Bash command Injection in backup scheduling functionality in NetIQ Advance Authentication

A vulnerability identified in Advance Authentication that allows bash command Injection in administrative controlled functionality of backup due to improper handling in provided command parameters. This issue affects NetIQ Advance Authentication version before 6.3.5.1...

CVSS 5.1 · AI score 7.3 · EPSS 0.00518
Exploits 0 · References 1

Vulnrichment
added 2024/08/28 6:28 a.m. · 12 views

CVE-2021-38122 Cross-Site Scripting (XSS) in Advance Authentication

A Cross-Site Scripting vulnerability identified in NetIQ Advance Authentication that impacts the server functionality and discloses sensitive information. This issue affects NetIQ Advance Authentication before 6.3.5.1...

CVSS 6.2 · AI score 6.3 · EPSS 0.00272
Exploits 0 · References 1

CVE
added 2024/08/28 6:28 a.m. · 49 views

CVE-2021-38122

NetIQ Advance Authentication is affected by a Cross-Site Scripting (XSS) vulnerability affecting versions prior to 6.3.5.1. The issue enables execution of arbitrary scripts via unfiltered user input, impacting server functionality and potentially exposing sensitive data. Affected component is the...

CVSS 8.2 · AI score 6.2 · EPSS 0.00272
Exploits 0 · References 1 · Affected Software 1

OpenVAS
added 2024/08/28 12:00 a.m. · 19 views

openSUSE Security Advisory (SUSE-SU-2024:2786-1)

The remote host is missing an update for the...

CVSS 7.4 · AI score 6.9 · EPSS 0.01257
Exploits 0 · References 9

OSV
added 2024/08/27 6:15 p.m. · 3 views

CVE-2024-8209

A vulnerability was found in nafisulbari/itsourcecode Insurance Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file addClient.php. The manipulation of the argument CLIENT ID leads to cross site scripting. The attack may be launched...

CVSS 6.1 · AI score 3.6 · EPSS 0.00325
Exploits 0 · References 3

OSV
added 2024/08/27 3:32 p.m. · 15 views

GHSA-2Q4W-X8H2-2FVH Flowise Authentication Bypass vulnerability

An Authentication Bypass vulnerability exists in Flowise version 1.8.2. This could allow a remote, unauthenticated attacker to access API endpoints as an administrator and allow them to access restricted functionality...

CVSS 8.6 · AI score 8.8 · EPSS 0.46109
Exploits 0 · References 4

Github Security Blog
added 2024/08/27 3:32 p.m. · 24 views

Flowise Authentication Bypass vulnerability

An Authentication Bypass vulnerability exists in Flowise version 1.8.2. This could allow a remote, unauthenticated attacker to access API endpoints as an administrator and allow them to access restricted functionality...

CVSS 9.8 · AI score 6.9 · EPSS 0.46109
Exploits 0 · References 4 · Affected Software 1

OSV
added 2024/08/27 1:15 p.m. · 12 views

CVE-2024-8181

An Authentication Bypass vulnerability exists in Flowise version 1.8.2. This could allow a remote, unauthenticated attacker to access API endpoints as an administrator and allow them to access restricted functionality...

CVSS 8.1 · AI score 6.8
Exploits 0 · References 1

NVD
added 2024/08/27 1:15 p.m. · 29 views

CVE-2024-8181

An Authentication Bypass vulnerability exists in Flowise version 1.8.2. This could allow a remote, unauthenticated attacker to access API endpoints as an administrator and allow them to access restricted functionality...

CVSS 9.8 · EPSS 0.46109
Exploits 0 · References 1

Vulnrichment
added 2024/08/27 1:10 p.m. · 10 views

CVE-2024-8181 Flowise Authentication Bypass

An Authentication Bypass vulnerability exists in Flowise version 1.8.2. This could allow a remote, unauthenticated attacker to access API endpoints as an administrator and allow them to access restricted functionality...

CVSS 9.8 · AI score 7 · EPSS 0.46109
Exploits 0 · References 1

Cvelist
added 2024/08/27 1:10 p.m. · 35 views

CVE-2024-8181 Flowise Authentication Bypass

An Authentication Bypass vulnerability exists in Flowise version 1.8.2. This could allow a remote, unauthenticated attacker to access API endpoints as an administrator and allow them to access restricted functionality...

CVSS 9.8 · EPSS 0.46109
Exploits 0 · References 1

CVE
added 2024/08/27 1:10 p.m. · 93 views

CVE-2024-8181

Affected software: Flowise

CVSS 9.8 · AI score 7 · EPSS 0.46109
In wild · Exploits 0 · References 1 · Affected Software 1

Positive Technologies
added 2024/08/27 12:00 a.m. · 8 views

PT-2024-10988 · Netiq · Netiq Advance Authentication

Name of the Vulnerable Software and Affected Versions: NetIQ Advance Authentication versions prior to 6.3.5.1 Description: A vulnerability identified in Advance Authentication allows bash command injection in administrative controlled functionality of backup due to improper handling in provided...

CVSS 7.2 · AI score 7.8 · EPSS 0.00518
Exploits 0 · References 7

CVE
added 2024/08/26 3:00 p.m. · 54 views

CVE-2024-8168

The CVE-2024-8168 issue affects code-projects Online Bus Reservation Site 1.0, specifically a SQL injection in the login.php file via the Username parameter. The vulnerability is exploitable remotely and has been disclosed publicly. Multiple connected sources (Red Hat, NVD, CVE list, CNVD/CNNVD, ...

CVSS 9.8 · AI score 7.5 · EPSS 0.00648
Exploits 1 · References 5 · Affected Software 1

Positive Technologies
added 2024/08/26 12:00 a.m. · 3 views

PT-2024-38739 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: No vulnerable software or affected versions specified. Description: The issue was initially considered but further investigation showed it does not pose a security risk as it falls within the expected functionality and security controls of th...

AI score 7
Exploits 0 · References 2

0day.today
added 2024/08/24 12:00 a.m. · 146 views

Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config Vulnerability

Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Device Config Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: 1.5.179 Revision 904 1.5.56 Revision 884 1.229 Revision 440 Summary: ESE Elber Satellite Equipment product line, designed for the high-end radio contribution and...

AI score 7.4
Exploits 0

Vulnrichment
added 2024/08/21 9:17 p.m. · 29 views

CVE-2024-28987 SolarWinds Web Help Desk Hardcoded Credential Vulnerability

The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability, allowing a remote unauthenticated user to access internal functionality and modify data...

CVSS 9.1 · AI score 7.1 · EPSS 0.93159
Exploits 5 · References 2

Cvelist
added 2024/08/21 9:17 p.m. · 47 views

CVE-2024-28987 SolarWinds Web Help Desk Hardcoded Credential Vulnerability

The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability, allowing a remote unauthenticated user to access internal functionality and modify data...

CVSS 9.1 · EPSS 0.93159
Exploits 5 · References 2

CVE
added 2024/08/21 9:17 p.m. · 267 views

CVE-2024-28987

SolarWinds Web Help Desk (WHD) is affected by a hardcoded credential vulnerability that allows remote, unauthenticated access to internal functionality and data modification. Affected versions are WHD

CVSS 9.1 · AI score 9.3 · EPSS 0.93159
In wild · Exploits 5 · References 4 · Affected Software 1

NVD
added 2024/08/19 6:15 p.m. · 14 views

CVE-2024-43247

Missing Authorization vulnerability in creativeon WHMpress allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WHMpress: from n/a through 6.2-revision-5...

CVSS 8.8 · EPSS 0.00444
Exploits 0 · References 1