4 matches found
git: Git does not sanitize URLs when asking for credentials interactively
A flaw was found in Git. This vulnerability occurs when Git requests credentials via a terminal prompt, for example, without the use of a credential helper. During this process, Git displays the host name for which the credentials are needed, but any URL-encoded parts are decoded and displayed...
Liferay Portal and Liferay DXP Security Vulnerabilities
Liferay Portal and Liferay DXP are both products of Liferay Inc.Liferay Portal is a J2EE-based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP ...
PT-2022-27075 · Unknown · Simmeth Lieferantenmanager
Name of the Vulnerable Software and Affected Versions: Simmeth Lieferantenmanager versions prior to 5.6 Description: An issue was discovered in the "/DS/LM API/api/SelectionService/InsertQueryWithActiveRelationsReturnId" API endpoint. This allows an attacker to execute JavaScript code in the...
XMB member.php Multiple Parameter SQL Injection
The remote host is running XMB Forum, a web forum written in PHP. According to its banner, this forum is vulnerable to a SQL injection bug which may allow an attacker to steal the passwords hashes of any user of this forum, including the forum administrator. Once he has the password hashes, he ca...