29 matches found
CVE-2022-26959
There are two full read/write Blind/Time-based SQL injection vulnerabilities in the Northstar Club Management version 6.3 application. The vulnerabilities exist in the userName parameter of the processlogin.jsp page in the /northstar/Portal/ directory and the userID parameter of the login.jsp pag...
EUVD-2021-16030
Malware in sbrugna...
EUVD-2022-31503
Malicious code in bioql PyPI...
CVE-2021-29398
Directory traversal in /northstar/Common/NorthFileManager/fileManagerObjects.jsp Northstar Technologies Inc NorthStar Club Management 6.3 allows remote unauthenticated users to browse and list the directories across the entire filesystem of the host of the web application...
CVE-2022-26959
There are two full read/write Blind/Time-based SQL injection vulnerabilities in the Northstar Club Management version 6.3 application. The vulnerabilities exist in the userName parameter of the processlogin.jsp page in the /northstar/Portal/ directory and the userID parameter of the login.jsp pag...
CVE-2022-26959
There are two full read/write Blind/Time-based SQL injection vulnerabilities in the Northstar Club Management version 6.3 application. The vulnerabilities exist in the userName parameter of the processlogin.jsp page in the /northstar/Portal/ directory and the userID parameter of the login.jsp pag...
Sql injection
There are two full read/write Blind/Time-based SQL injection vulnerabilities in the Northstar Club Management version 6.3 application. The vulnerabilities exist in the userName parameter of the processlogin.jsp page in the /northstar/Portal/ directory and the userID parameter of the login.jsp pag...
CVE-2022-26959
CVE-2022-26959 describes two full Blind/Time-based SQL injection vulnerabilities in Northstar Club Management v6.3. The flaws affect: (1) processlogin.jsp in /northstar/Portal/ via the userName parameter, and (2) login.jsp in /northstar/iphone/ via the userID parameter. Exploitation could grant f...
CVE-2022-26959
There are two full read/write Blind/Time-based SQL injection vulnerabilities in the Northstar Club Management version 6.3 application. The vulnerabilities exist in the userName parameter of the processlogin.jsp page in the /northstar/Portal/ directory and the userID parameter of the login.jsp pag...
Northstar Club Management SQL注入漏洞
Northstar Club Management is a web-based solution from Northstar, Inc. that allows organizations to manage all elements of a club, such as memberships, guests, events, and more. A security vulnerability exists in Northstar Club Management version 6.3. An attacker exploiting the vulnerability coul...
Northstar Club Management Operating System Command Injection Vulnerability
Northstar Club Management is a web-based solution from Northstar, Inc. that allows organizations to manage all elements of a club, such as memberships, guests, events, and more. An operating system command injection vulnerability exists in Northstar Club Management version 6.3, which stems from a...
CVE-2021-29395
Directory travesal in /northstar/filemanager/download.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote unauthenticated users to download arbitrary files, including JSP source code, across the filesystem of the host of the web application...
CVE-2021-29393
Remote Code Execution in cominput.jsp and comoutput.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote unauthenticated users to inject and execute arbitrary system commands via the unsanitized user-controlled "command" and "commandvalues" parameters...
CVE-2021-29397
Cleartext Transmission of Sensitive Information in /northstar/Admin/login.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote local user to intercept users credentials transmitted in cleartext over HTTP...
CVE-2021-29397
Cleartext Transmission of Sensitive Information in /northstar/Admin/login.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote local user to intercept users credentials transmitted in cleartext over HTTP...
Directory traversal
Directory travesal in /northstar/filemanager/download.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote unauthenticated users to download arbitrary files, including JSP source code, across the filesystem of the host of the web application...
CVE-2021-29398
Directory traversal in /northstar/Common/NorthFileManager/fileManagerObjects.jsp Northstar Technologies Inc NorthStar Club Management 6.3 allows remote unauthenticated users to browse and list the directories across the entire filesystem of the host of the web application...
CVE-2021-29398
CVE-2021-29398 affects Northstar Club Management 6.3. A directory-traversal flaw exists in /northstar/Common/NorthFileManager/fileManagerObjects.jsp that permits remote unauthenticated users to browse/list directories across the host filesystem. The root cause is insufficient authentication/permi...
CVE-2021-29397
CVE-2021-29397 affects Northstar Technologies Inc. NorthStar Club Management version 6.3. The vulnerability is a cleartext transmission issue in the login page at /northstar/Admin/login.jsp, allowing a remote observer to intercept credentials transmitted over HTTP. The connected documents confirm...
CVE-2021-29396
CVE-2021-29396 concerns NorthStar Club Management 6.3 from Northstar Technologies Inc, described as a systemic insecure-permissions issue that allows remote unauthenticated users to access and use various functionalities without authentication. The CVE entry notes exposure at network level with h...