25 matches found
PT-2026-20321
Name of the Vulnerable Software and Affected Versions Gogs versions 0.13.4 and below Description Gogs, a self-hosted Git service, has a broken access control issue. Authenticated users with write access to a repository can modify labels belonging to other repositories. This is due to a failure in...
CVE-2023-50101
JFinalcms 5.0.0 is vulnerable to Cross Site Scripting XSS via Label management editing...
Enalean Tuleap Community Edition和Enalean Tuleap Enterprise Edition 安全漏洞
Enalean Tuleap Community Edition and Enalean Tuleap Enterprise Edition are both an open source suite from Enalean Open Source designed to improve the management of software development and collaboration. A security vulnerability exists in Enalean Tuleap Community Edition and Enalean Tuleap...
CVE-2024-33009
SAP Global Label Management is vulnerable to SQL injection. On exploitation the attacker can use specially crafted inputs to modify database commands resulting in the retrieval of additional information persisted by the system. This could lead to low impact on Confidentiality and Integrity of the...
CVE-2020-2191
Jenkins Self-Organizing Swarm Plug-in Modules Plugin 3.20 and earlier does not check permissions on API endpoints that allow adding and removing agent labels...
CVE-2024-0683
The Bulgarisation for WooCommerce plugin for WordPress is vulnerable to unauthorized access due to missing capability checks on several functions in all versions up to, and including, 3.0.14. This makes it possible for unauthenticated and authenticated attackers, with subscriber-level access and...
SAP Global Label Management SQL Injection Vulnerability
SAP Global Label Management is a global label management system from SAP. SAP Global Label Management suffers from a SQL injection vulnerability that stems from the application's lack of validation of externally entered SQL statements. An attacker could use this vulnerability to execute illegal S...
CVE-2024-33009
SAP Global Label Management is vulnerable to SQL injection. On exploitation the attacker can use specially crafted inputs to modify database commands resulting in the retrieval of additional information persisted by the system. This could lead to low impact on Confidentiality and Integrity of the...
CVE-2024-33009 SQL injection vulnerability in SAP Global Label Management (GLM)
SAP Global Label Management is vulnerable to SQL injection. On exploitation the attacker can use specially crafted inputs to modify database commands resulting in the retrieval of additional information persisted by the system. This could lead to low impact on Confidentiality and Integrity of the...
CVE-2024-33009 SQL injection vulnerability in SAP Global Label Management (GLM)
SAP Global Label Management is vulnerable to SQL injection. On exploitation the attacker can use specially crafted inputs to modify database commands resulting in the retrieval of additional information persisted by the system. This could lead to low impact on Confidentiality and Integrity of the...
CVE-2024-33009
CVE-2024-33009 affects SAP Global Label Management (GLM). The vulnerability is a SQL injection due to insufficient input validation, enabling an attacker to modify database commands and retrieve additional data persisted by the system. The impact is described as low for confidentiality and integr...
SAP Global Label Management SQL注入漏洞
SAP Global Label Management is a global label management system from SAP. SAP Global Label Management suffers from a SQL injection vulnerability that stems from the application's lack of validation of externally entered SQL statements. An attacker could use this vulnerability to execute illegal S...
GHSA-M3P6-43XJ-PF9V Cross-site Scripting in JFinalcms
JFinalcms 5.0.0 is vulnerable to Cross Site Scripting XSS via Label management editing...
Cross-site Scripting in JFinalcms
JFinalcms 5.0.0 is vulnerable to Cross Site Scripting XSS via Label management editing...
CVE-2023-50101
JFinalcms 5.0.0 is vulnerable to Cross Site Scripting XSS via Label management editing...
CVE-2023-50101
JFinalcms 5.0.0 is vulnerable to Cross Site Scripting XSS via Label management editing...
Cross site scripting
JFinalcms 5.0.0 is vulnerable to Cross Site Scripting XSS via Label management editing...
CVE-2023-50101
JFinalcms 5.0.0 is affected by a Cross-Site Scripting (XSS) vulnerability in the Label management editing feature. The issue is described across multiple sources (including Red Hat and Veracode feeds) as stemming from insufficient input validation in the library’s label management flow, enabling ...
JFinalCMS Cross-Site Scripting Vulnerability
JFinalCMS is a content management system by heyewei Personal Developer. A cross-site scripting vulnerability exists in JFinalCMS version 5.0.0, which stems from a cross-site scripting XSS vulnerability in the Label management editing...
CVE-2023-50101
JFinalcms 5.0.0 is vulnerable to Cross Site Scripting XSS via Label management editing...