17432 matches found
CVE-2023-4321
Cross-site Scripting (XSS) - Stored in GitHub repository cockpit-hq/cockpit prior to 2.4.3...
CVE-2023-4982
Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 23.9.0...
CVE-2023-4928
SQL Injection in GitHub repository instantsoft/icms2 prior to 2.16.1...
CVE-2023-4195
PHP Remote File Inclusion in GitHub repository cockpit-hq/cockpit prior to 2.6.3...
CVE-2023-4704
External Control of System or Configuration Setting in GitHub repository instantsoft/icms2 prior to 2.16.1-git...
CVE-2023-4698
Improper Input Validation in GitHub repository usememos/memos prior to 0.13.2...
CVE-2023-4977
Code Injection in GitHub repository librenms/librenms prior to 23.9.0...
CVE-2023-4124
Missing Authorization in GitHub repository answerdev/answer prior to v1.1.1...
CVE-2023-4188
SQL Injection in GitHub repository instantsoft/icms2 prior to 2.16.1-git...
CVE-2023-4007
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.16...
CVE-2023-4395
Cross-site Scripting (XSS) - Stored in GitHub repository cockpit-hq/cockpit prior to 2.6.4...
CVE-2023-4432
Cross-site Scripting (XSS) - Reflected in GitHub repository cockpit-hq/cockpit prior to 2.6.4...
CVE-2023-4898
Authentication Bypass by Primary Weakness in GitHub repository mintplex-labs/anything-llm prior to 0.0.1...
CVE-2023-40034
Woodpecker is a community fork of the Drone CI system. In affected versions an attacker can post malformed webhook data which leads to an update of the repository data that can, e.g., allow the takeover of a repo. This is only critical if the CI is configured for public usage and connected to a for...
CVE-2021-41120
sylius/paypal-plugin is a PayPal plugin for the Sylius development platform. In affected versions the URL to the payment page shown after checkout was created with an autoincremented payment id (/pay-with-paypal/id) and was therefore easy to predict. The problem is that the Credit card form has...
CVE-2022-0913
Integer Overflow or Wraparound in GitHub repository microweber/microweber prior to 1.3...
CVE-2022-0139
Use After Free in GitHub repository radareorg/radare2 prior to 5.6.0...
CVE-2022-0896
Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository microweber/microweber prior to 1.3...
CVE-2022-0526
Cross-site Scripting (XSS) - Stored in GitHub repository chatwoot/chatwoot prior to 2.2.0...
CVE-2022-0724
Insecure Storage of Sensitive Information in GitHub repository microweber/microweber prior to 1.3...