20 matches found
EUVD-2024-34130
Malicious code in bioql PyPI...
EUVD-2024-50613
Malicious code in bioql PyPI...
EUVD-2025-6258
Malicious code in bioql PyPI...
CVE-2025-2271
A vulnerability exists in Issuetrak v17.2.2 and prior that allows a low-privileged user to access audit results of other users by exploiting an Insecure Direct Object Reference IDOR vulnerability in the Issuetrak audit component. The vulnerability enables unauthorized access to sensitive...
CVE-2025-2271
A vulnerability exists in Issuetrak v17.2.2 and prior that allows a low-privileged user to access audit results of other users by exploiting an Insecure Direct Object Reference IDOR vulnerability in the Issuetrak audit component. The vulnerability enables unauthorized access to sensitive...
CVE-2025-2271 IDOR in Issuetrak NewAuditID parameter via Inv_PopTrakXShow.asp
A vulnerability exists in Issuetrak v17.2.2 and prior that allows a low-privileged user to access audit results of other users by exploiting an Insecure Direct Object Reference IDOR vulnerability in the Issuetrak audit component. The vulnerability enables unauthorized access to sensitive...
CVE-2025-2271
Issuetrak v17.2.2 and earlier contain an Insecure Direct Object Reference (IDOR) in the audit component, enabling a low-privileged user to access audit results of other users and exposing sensitive information (user details, network/hardware info, installed programs, processes, drives, printers)....
Issuetrak 安全漏洞
Issuetrak is an issue tracking software from Issuetrak, Inc. A security vulnerability exists in Issuetrak v17.2.2 and prior versions, which stems from an insecure direct object reference in the auditing component that could lead to a low-privileged user accessing another user's audit results,...
CVE-2024-12123
A hidden field manipulation vulnerability was identified in Issuetrak version 17.1 that could be triggered by an authenticated user. When an authenticated user submits a ticket, the request can be intercepted and subsequently modified by using a proxy. The ticket requester can be changed from the...
CVE-2024-12123
CVE-2024-12123 affects Issuetrak v17.1. A hidden field manipulation flaw allows an authenticated user submitting a ticket to have the request intercepted and modified via a proxy, changing the ticket requester to another user in the same application, which the app accepts. The issue is described ...
CVE-2024-11479
A HTML Injection vulnerability was identified in Issuetrak version 17.1 that could be triggered by an authenticated user. HTML markup could be added to comments of tickets, which when submitted will render in the emails sent to all users on that ticket...
CVE-2024-11479 Authenticated HTML Injection in Issuetrak Ticket Comment Function
A HTML Injection vulnerability was identified in Issuetrak version 17.1 that could be triggered by an authenticated user. HTML markup could be added to comments of tickets, which when submitted will render in the emails sent to all users on that ticket...
CVE-2024-11479 Authenticated HTML Injection in Issuetrak Ticket Comment Function
A HTML Injection vulnerability was identified in Issuetrak version 17.1 that could be triggered by an authenticated user. HTML markup could be added to comments of tickets, which when submitted will render in the emails sent to all users on that ticket...
PT-2024-17449 · Issuetrak · Issuetrak
Name of the Vulnerable Software and Affected Versions: Issuetrak version 17.1 Description: A hidden field manipulation issue was identified that could be triggered by an authenticated user. When an authenticated user submits a ticket, the request can be intercepted and modified by using a proxy...
Issuetrak 安全漏洞
Issuetrak is an issue tracking software from Issuetrak, Inc. A security vulnerability exists in Issuetrak version 17.1, which stems from the presence of an HTML injection vulnerability that allows an authenticated attacker to add HTML markup to the comments of a work order that, when submitted,...
Issuetrak 安全漏洞
Issuetrak is an issue tracking software from Issuetrak, Inc. A security vulnerability exists in Issuetrak version 17.1, which stems from the presence of a hidden field manipulation vulnerability, whereby when an authenticated user submits a work order, the request may be intercepted and...
IssueTrak 7.0 - SQL Injection Vulnerability
Exploit for php platform in category web applications ================ Exploit Title: SQL Injection Vulnerability in Issue Trak = 7.0 Possibly applicable up to version 9.7 Vendor Homepage: http://issuetrak.com Version: Confirmed 7.0; = 7.0 extremely likely; up to 9.7 very likely Google Dork:...
IssueTrak 7.0 - SQL Injection
================ Exploit Title: SQL Injection Vulnerability in Issue Trak = 7.0 Possibly applicable up to version 9.7 Date: 05-28-2018 Vendor Homepage: http://issuetrak.com Version: Confirmed 7.0; = 7.0 extremely likely; up to 9.7 very likely Google Dork: inurl:"IssueTrak" inurl:"asp" Discovered...
IssueTrak 7.0 - SQL Injection
IssueTrak 7.0 - SQL Injection ================ Exploit Title: SQL Injection Vulnerability in Issue Trak = 7.0 Possibly applicable up to version 9.7 Date: 05-28-2018 Vendor Homepage: http://issuetrak.com Version: Confirmed 7.0; = 7.0 extremely likely; up to 9.7 very likely Google Dork:...
IssueTrak 7.0 SQL Injection
================ Exploit Title: SQL Injection Vulnerability in Issue Trak = 7.0 Possibly applicable up to version 9.7 Date: 05-28-2018 Vendor Homepage: http://issuetrak.com Version: Confirmed 7.0; = 7.0 extremely likely; up to 9.7 very likely Google Dork: inurl:"IssueTrak" inurl:"asp" Discovered...