CVE-2023-38305

An issue was discovered in Webmin 2.021. The download functionality allows an attacker to exploit a Cross-Site Scripting XSS vulnerability. By providing a crafted download path containing a malicious payload, an attacker can inject arbitrary code, which is then executed within the context of the...

Inability of Followers and Followees to Commenting

Lines of code Vulnerability details Impact The lack of functionality restricts interaction and engagement between the profile owner and their followers or the users they follow. This limitation diminishes the platform's value, as users who are interested in a post or have a genuine reason to...

CVE-2023-35078

An authentication bypass vulnerability in Ivanti EPMM allows unauthorized users to access restricted functionality or resources of the application without proper authentication...

CVE-2023-35078

An authentication bypass vulnerability in Ivanti EPMM allows unauthorized users to access restricted functionality or resources of the application without proper authentication...

Cisco Nexus 1000V VSM to vCenter Communication Man-in-the-Middle (CVE-2013-1212)

The SSL functionality in Cisco NX-OS on the Nexus 1000V does not properly verify X.509 certificates, which allows man-in-the-middle attackers to spoof servers, and intercept or modify Virtual Supervisor Module VSM to VMware vCenter communication, via a crafted certificate, aka Bug ID CSCud14837...

CVE-2023-3861

A vulnerability was found in phpscriptpoint Insurance 1.2. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /search.php. The manipulation leads to cross site scripting. The attack can be launched remotely. The identifier VDB-235213 was...

CVE-2022-46290

Multiple out-of-bounds write vulnerabilities exist in the ORCA format nAtoms functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.The loop that...

Design/Logic Flaw

Multiple out-of-bounds write vulnerabilities exist in the ORCA format nAtoms functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.nAtoms...

CVE-2022-46289

Multiple out-of-bounds write vulnerabilities exist in the ORCA format nAtoms functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.nAtoms...

PT-2023-4404 · Unknown +1 · Open Babel +1

Name of the Vulnerable Software and Affected Versions: Open Babel versions 3.1.1 and prior Description: The issue is related to the use of an uninitialized pointer in the MSI format atom functionality of Open Babel. This can be exploited by providing a specially crafted malformed file, potentiall...

CVE-2023-3785 PaulPrinting CMS cross site scripting

A vulnerability was found in PaulPrinting CMS 2018. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation of the argument firstname/lastname/address/city/state leads to cross site scripting. The attack may be launched remotely. The exploit has be...

CVE-2023-3784

A vulnerability was found in Dooblou WiFi File Explorer 1.13.3. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument search/order/download/mode leads to cross site scripting. The attack can be launched remotely. The...

CVE-2023-37362

Weintek Weincloud v0.13.6 could allow an attacker to abuse the registration functionality to login with testing credentials to the official website...

Intergard SGS 授权问题漏洞

Intergard SGS is a security appliance from Brazilian company Intergard. An authorization issue vulnerability exists in Intergard SGS version 8.7.0, which stems from the presence of unknown functionality in the application, resulting in a privilege issue...

CVE-2023-22022

Vulnerability in the Oracle Health Sciences Sciences Data Management Workbench product of Oracle Health Sciences Applications component: Blinding Functionality. Supported versions that are affected are 3.1.0.2, 3.1.1.3 and 3.2.0.0. Easily exploitable vulnerability allows low privileged attacker...

1Panel command injection vulnerability in Firewall ip functionality

Summary An OS command injection vulnerability exists in 1Panel firewall functionality. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability. Details 1Panel firewall functionality /hosts/firewall/...

CVE-2023-37477 Command injection in firewall ip functionality in 1Panel

1Panel is an open source Linux server operation and maintenance management panel. An OS command injection vulnerability exists in 1Panel firewall functionality. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger...

Oracle Health Sciences Applications 安全漏洞

Oracle Health Sciences Applications is a suite of clinical development solutions for the healthcare industry from Oracle Corporation. A security vulnerability in Oracle Health Sciences Applications' Oracle Health Sciences Sciences Data Management Workbench product, which originates in the Blindin...

PT-2023-3969 · Oracle · Oracle Health Sciences Data Management Workbench

Name of the Vulnerable Software and Affected Versions: Oracle Health Sciences Sciences Data Management Workbench versions 3.1.0.2, 3.1.1.3, 3.2.0.0 Description: The issue is related to the Blinding Functionality component of the Oracle Health Sciences Sciences Data Management Workbench product. I...

VX-API - Collection Of Various Malicious Functionality To Aid In Malware Development

The VX-API is a collection of malicious functionality to aid in malware development. It is recommended you clone and/or download this entire repo then open the Visual Studio solution file to easily explore functionality and concepts. Some functions may be dependent on other functions present with...