Lucene search
K

81 matches found

Cvelist
Cvelist
added 2024/04/26 12:0 a.m.24 views

CVE-2024-32406

Server-Side Template Injection SSTI vulnerability in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via a crafted payload to the Batch-Issue Exam Tickets function...

8AI score0.01109EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/04/26 12:0 a.m.9 views

CVE-2024-32404

Server-Side Template Injection SSTI vulnerability in inducer relate before v.2024.1, allows remote attackers to execute arbitrary code via a crafted payload to the Markup Sandbox feature...

8.2AI score0.00797EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/04/26 12:0 a.m.5 views

relate 安全漏洞

RELATE is a web-based courseware package from the individual developer Andreas Klöckner. A security vulnerability exists in relate version v.2024.1, which stems from the presence of a server-side template injection SSTI vulnerability...

6CVSS7.2AI score0.00797EPSS
Exploits0References2
CVE
CVE
added 2024/04/26 12:0 a.m.56 views

CVE-2024-32406

Relate Relate Learning and Teaching System (inducer relate) prior to 2024.1 is affected by a Server-Side Template Injection (SSTI) in the Batch-Issue Exam Tickets function, enabling remote arbitrary code execution. Concrete details across sources specify the vulnerability in inducer relate before...

7.5CVSS8AI score0.01109EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2024/04/25 12:0 a.m.5 views

relate 安全漏洞

Relate is a web-based learning and teaching environment. A security vulnerability exists in versions prior to relate 2024.1, which stems from a Template Injection SSTI vulnerability in the Batch Issue Exam Tickets feature...

7.5CVSS7AI score0.01109EPSS
Exploits1References3
Packet Storm
Packet Storm
added 2024/04/24 12:0 a.m.324 views

Relate Learning And Teaching System SSTI / Remote Code Execution

Exploit Title: Relate Learning And Teaching system Version before 2024.1 SSTIBatch-Issue Exam Tickets function lead to RCE Date: 24/04/2024 Exploit Author: kai6u Vendor Homepage: https://github.com/inducer/ Software Link: https://github.com/inducer/relate Affected Version:before 2024.1...

7.4AI score
Exploits0
0day.today
0day.today
added 2024/04/24 12:0 a.m.335 views

Relate Learning And Teaching System SSTI / Remote Code Execution Vulnerability

Relate Learning and Teaching System versions prior to 2024.1 suffers from a server-side template injection vulnerability that leads to remote code execution. This particular finding targets the Batch-Issue Exam Tickets function. Exploit Title: Relate Learning And Teaching system Version before...

8.3AI score
Exploits0
OSV
OSV
added 2024/04/22 7:15 p.m.5 views

CVE-2024-32407

An issue in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via a crafted payload to the Page Sandbox feature...

8.8CVSS6.1AI score0.01099EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/04/22 12:0 a.m.22 views

CVE-2024-32405

Cross Site Scripting vulnerability in inducer relate before v.2024.1 allows a remote attacker to escalate privileges via a crafted payload to the Answer field of InlineMultiQuestion parameter on Exam function...

6.7AI score0.00501EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/04/22 12:0 a.m.15 views

CVE-2024-32405

Cross Site Scripting vulnerability in inducer relate before v.2024.1 allows a remote attacker to escalate privileges via a crafted payload to the Answer field of InlineMultiQuestion parameter on Exam function...

6.6AI score0.00501EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/04/21 12:0 a.m.5 views

Relate 安全漏洞

Relate is a web-based learning and teaching environment. A security vulnerability exists in Relate versions prior to 2024.1 that stems from the presence of a stored cross-site scripting XSS vulnerability...

8.8CVSS5.7AI score0.01099EPSS
Exploits1References3
CNNVD
CNNVD
added 2024/04/21 12:0 a.m.4 views

Relate 安全漏洞

Relate is a web-based learning and teaching environment. A security vulnerability exists in Relate versions prior to 2024.1 that stems from the presence of a Reflective Cross-Site Scripting XSS vulnerability...

2.6CVSS5.9AI score0.00501EPSS
Exploits1References3
Packet Storm
Packet Storm
added 2024/04/19 12:0 a.m.183 views

Relate Learning And Teaching System SSTI / Remote Code Execution

Exploit Title: Relate Learning And Teaching system Version before 2024.1 SSTIMarkup Sandbox function lead to RCE Date: 19/04/2024 Exploit Author: kai6u Vendor Homepage: https://github.com/inducer/ Software Link: https://github.com/inducer/relate Affected Version:before 2024.1...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/04/18 12:0 a.m.274 views

Relate Cross Site Scripting

Exploit Title: Relate Learning And Teaching system Version before 2024.1 Stored XSS Date: 18/04/2024 Exploit Author: kai6u Vendor Homepage: https://github.com/inducer/ Software Link: https://github.com/inducer/relate Affected Version:before 2024.1...

7.4AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2019/11/19 12:0 a.m.3 views

The vulnerability of the Internal Operations component of the MICROS Relate CRM Software allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Internal Operations component of the MICROS Relate CRM Software is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information using the HTTP protocol...

7.1CVSS6.8AI score0.01373EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2019/10/17 12:0 a.m.2 views

Unspecified Vulnerability in Oracle Retail Applications MICROS Relate CRM Software Component (CNVD-2019-39857)

Oracle Retail Applications is a suite of retail applications store solutions from Oracle. The product includes inventory management, sales management and customer management, etc. MICROS Relate CRM Software is one of the customer relationship management components. An unspecified vulnerability...

5.9CVSS6.9AI score0.01373EPSS
Exploits0References1
NVD
NVD
added 2019/10/16 6:15 p.m.23 views

CVE-2019-2896

Vulnerability in the MICROS Relate CRM Software product of Oracle Retail Applications component: Internal Operations. Supported versions that are affected are 7.1.0, 15.0.0, 16.0.0, 17.0.0, and 18.0.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP...

5.9CVSS5AI score0.01373EPSS
Exploits0References1
OSV
OSV
added 2019/10/16 6:15 p.m.2 views

CVE-2019-2896

Vulnerability in the MICROS Relate CRM Software product of Oracle Retail Applications component: Internal Operations. Supported versions that are affected are 7.1.0, 15.0.0, 16.0.0, 17.0.0, and 18.0.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP...

5.9CVSS6.8AI score0.01373EPSS
Exploits0References1
Prion
Prion
added 2019/10/16 6:15 p.m.13 views

Spoofing

Vulnerability in the MICROS Relate CRM Software product of Oracle Retail Applications component: Internal Operations. Supported versions that are affected are 7.1.0, 15.0.0, 16.0.0, 17.0.0, and 18.0.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP...

4.3CVSS5.7AI score0.01373EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2019/10/16 5:40 p.m.7 views

CVE-2019-2896

Vulnerability in the MICROS Relate CRM Software product of Oracle Retail Applications component: Internal Operations. Supported versions that are affected are 7.1.0, 15.0.0, 16.0.0, 17.0.0, and 18.0.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP...

6.1AI score0.01373EPSS
Exploits0References1
Rows per page
Query Builder