PT-2023-15472 · Zentao · Zentao

Name of the Vulnerable Software and Affected Versions: ZenTao versions 16.4 through 18.0.beta1 Description: The issue allows for SQL injection after logging in with any user, by constructing a special request and sending it to the importNotice function. This enables the completion of SQL injectio...

GitLab 输入验证错误漏洞

GitLab is a self-hosted, Git version control system project repository application developed using Ruby on Rails by GitLab, Inc. GitLab CE/EE is vulnerable to an input validation error that could be exploited to set a pipeline plan to be active in a project export, so that an owner could import t...