OpenAI Realtime UI 代码问题漏洞

OpenAI Realtime UI is an interactive web application developed by bigsk1, based on OpenAI’s real-time API. It supports tool extensions and integration with Webhooks. There are code-related vulnerabilities in OpenAI Realtime UI; these vulnerabilities stem from operations involving parameters in th...

PT-2023-9533 · Oracle · Peoplesoft Enterprise Peopletools

Name of the Vulnerable Software and Affected Versions: PeopleSoft Enterprise PeopleTools versions 8.59 through 8.61 Description: The issue is related to a vulnerability in the Query component of PeopleSoft Enterprise PeopleTools, which can be exploited by a low-privileged attacker with network...

PT-2023-9512 · Openlink +4 · Openlink Virtuoso-Opensource +4

Name of the Vulnerable Software and Affected Versions: openlink virtuoso-opensource version 7.2.9 Description: The issue in the sqlo query spec component of openlink virtuoso-opensource is related to the improper neutralization of special elements used in SQL commands, which can be exploited by...

The vulnerability of the Navigation Pages, Portal, and Query components of the Oracle PeopleSoft Enterprise PeopleTools business application allows a perpetrator to gain access to read data or modify data.

The vulnerability of the Navigation Pages, Portal, and Query components in Oracle PeopleSoft Enterprise PeopleTools exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to data or modify data using HTTP reques...

CVE-2022-28081

A reflected cross-site scripting XSS vulnerability in the component Query.php of arPHP v3.6.0 allows attackers to execute arbitrary web scripts...

CVE-2021-39127

Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to the query component JQL endpoint via a Broken Access Control vulnerability BAC vulnerability. The affected versions are before version 8.5.10, and from version 8.6.0 before 8.13.1...

The vulnerability of the /secure/QueryComponent!Default.jspa component of the Atlassian Jira Server and Data Center processing system allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the /secure/QueryComponent!Default.jspa component of the Atlassian Jira Server and Data Center processing system is related to the disclosure of information. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to...

Anonymous User is Able to Access Query Component JQL Endpoint - CVE-2021-39127

Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to the query component JQL endpoint via a Broken Access Control vulnerability BAC vulnerability. The affected versions are before version 8.5.10, and from version 8.6.0 before 8.13.1. Affected versions:...

The vulnerability of the Query component in the Oracle PeopleSoft Enterprise PeopleTools business application suite allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Query component in the Oracle PeopleSoft Enterprise PeopleTools business application suite is related to lack of access control mechanisms. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information usin...

CVE-2020-14179

Affected versions of Atlassian Jira Server and Data Center allow remote, unauthenticated attackers to view custom field names and custom SLA names via an Information Disclosure vulnerability in the /secure/QueryComponent!Default.jspa endpoint. The affected versions are before version 8.5.8, and...

SOY CMS Cross-Site Request Forgery Vulnerability

SOY CMS is a content management system CMS. A cross-site request forgery vulnerability exists in the SOY CMS Query Component prior to version 2.0.0.3 and prior versions, which arises from a WEB application that does not adequately validate that a request is coming from a trusted user. An attacker...

The vulnerability of the Query component in the Oracle PeopleSoft Enterprise PeopleTools business application suite allows a hacker to trigger a service failure or gain unauthorized access to protected information.

The vulnerability of the Query component in the Oracle PeopleSoft Enterprise PeopleTools business application suite is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to remotely cause service interruptions or gain unauthorized access to protected...

Oracle PeopleSoft Enterprise PeopleTools Unauthorized Access Vulnerability (CNVD-2020-23830)

Oracle PeopleSoft Products is a suite of enterprise human capital management solutions from Oracle Corporation. The products provide human capital management, financial management, supplier relationship management, etc. PeopleSoft Enterprise PeopleTools is one of the tools and technology platform...

The vulnerability of the Query component in the PeopleSoft Enterprise PeopleTools business application suite allows a hacker to gain unauthorized access to protected data.

The vulnerability of the Query component in the PeopleSoft Enterprise PeopleTools business application suite is related to insufficient access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain full control over the application using the HTTP protocol...

CVE-2018-3192

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: Query. Supported versions that are affected are 8.55 and 8.56. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft...

Unspecified Vulnerability in Oracle PeopleSoft Enterprise PeopleTools (CNVD-2018-02009)

PeopleSoft Enterprise PeopleTools provides a comprehensive set of development tools that support the development and runtime of PeopleSoft applications. An unspecified vulnerability exists in the Query component of Oracle PeopleSoft Enterprise PeopleTools. An attacker could exploit the...