Lucene search

1598 matches found

Cvelist
added 2023/02/21 9:30 a.m. · 15 views

CVE-2023-0938 SourceCodester Music Gallery Site GET Request music_list.php sql injection

A vulnerability classified as critical has been found in SourceCodester Music Gallery Site 1.0. This affects an unknown part of the file music_list.php of the component GET Request Handler. The manipulation of the argument cid leads to sql injection. It is possible to initiate the attack remotely...

CVSS 6.5 · AI score 10 · EPSS 0.01785
Exploits: 5 · References: 3

Github Security Blog
added 2023/02/15 5:42 p.m. · 93 views

Denial of service vulnerability when parsing multipart request body

Summary: The request body parsing in starlite allows a potentially unauthenticated attacker to consume a large amount of CPU time and RAM. Details: The multipart body parser processes an unlimited number of file parts. The multipart body parser processes an unlimited number of field parts. Impact...

CVSS 7.5 · AI score 7.4 · EPSS 0.01004
Exploits: 1 · References: 6 · Affected Software: 1

Prion
added 2023/02/15 3:15 p.m. · 13 views

Design/Logic Flaw

Starlite is an Asynchronous Server Gateway Interface (ASGI) framework. Prior to version 1.5.2, the request body parsing in starlite allows a potentially unauthenticated attacker to consume a large amount of CPU time and RAM. The multipart body parser processes an unlimited number of file parts and ...

CVSS 5 · AI score 7.5 · EPSS 0.01004
Exploits: 1 · References: 3 · Affected Software: 1

OSV
added 2023/02/15 3:15 p.m. · 35 views

PYSEC-2023-49

Starlite is an Asynchronous Server Gateway Interface (ASGI) framework. Prior to version 1.5.2, the request body parsing in starlite allows a potentially unauthenticated attacker to consume a large amount of CPU time and RAM. The multipart body parser processes an unlimited number of file parts and ...

CVSS 7.5 · AI score 7.5 · EPSS 0.01004
Exploits: 1 · References: 3

SUSE CVE
added 2023/02/15 5:29 a.m. · 3 views

SUSE CVE-2014-2739

The cmareqhandler function in drivers/infiniband/core/cma.c in the Linux kernel 3.14.x through 3.14.1 attempts to resolve an RDMA over Converged Ethernet (aka RoCE) address that is properly resolved within a different module, which allows remote attackers to cause a denial of service incorrect...

CVSS 4.6 · AI score 6.3 · EPSS 0.01591
Exploits: 2 · References: 3

NVD
added 2023/02/07 8:15 p.m. · 28 views

CVE-2023-0732

A vulnerability has been found in SourceCodester Online Eyewear Shop 1.0 and classified as problematic. Affected by this vulnerability is the function registration of the file oews/classes/Users.php of the component POST Request Handler. The manipulation of the argument...

CVSS 6.1 · AI score 4.5 · EPSS 0.0039
Exploits: 0 · References: 2

NVD
added 2023/02/06 8:15 p.m. · 19 views

CVE-2023-0686

A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been classified as critical. This affects the function updatecart of the file /oews/classes/Master.php?f=updatecart of the component HTTP POST Request Handler. The manipulation of the argument cartid leads to sql injectio...

CVSS 9.8 · AI score 6.6 · EPSS 0.00552
Exploits: 0 · References: 2

Prion
added 2023/02/06 8:15 p.m. · 25 views

Sql injection

A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been classified as critical. This affects the function updatecart of the file /oews/classes/Master.php?f=updatecart of the component HTTP POST Request Handler. The manipulation of the argument cartid leads to sql injectio...

CVSS 4.6 · AI score 9.7 · EPSS 0.00552
Exploits: 0 · References: 2 · Affected Software: 1

Positive Technologies
added 2023/01/20 12:0 a.m. · 2 views

PT-2023-33052 · Unknown · Requesthandlercomponent

Name of the Vulnerable Software and Affected Versions: RequestHandlerComponent affected versions not specified. Description: The issue allows well-crafted requests to create a denial of service attack. It is related to the use of Xml::build, which enables reading local files. Recommendations: For...

AI score 7.1
Exploits: 0 · References: 5

Positive Technologies
added 2023/01/18 12:0 a.m. · 5 views

PT-2023-14795 · Opentext · Opentext Content Suite Platform

Name of the Vulnerable Software and Affected Versions: OpenText Content Suite Platform version 16.2.19.1803. Description: An issue was discovered where the request handler for ll.KeepAliveSession sets a valid AdminPwd cookie even when the Web Admin password was not entered. This allows access to...

CVSS 8.8 · AI score 8.6 · EPSS 0.016
Exploits: 3 · References: 7

CNNVD
added 2023/01/09 12:0 a.m. · 3 views

The Gribbit Web Framework access control error vulnerability

The Gribbit Web Framework is a new ultra-safe, ultra-simple, ultra-fast framework from the individual developer Luke Hutchison. It is used to build complex web applications using Java and other JVM languages. A security vulnerability exists in The Gribbit Web Framework, which originates in the functi...

CVSS 9.8 · AI score 6.4 · EPSS 0.00396
Exploits: 0 · References: 4

Positive Technologies
added 2023/01/09 12:0 a.m. · 3 views

PT-2023-10141 · Lukehutch · Gribbit

Name of the Vulnerable Software and Affected Versions: lukehutch Gribbit affected versions not specified. Description: A problematic issue was found in lukehutch Gribbit, affecting the messageReceived function of the file src/gribbit/request/HttpRequestHandler.java. This issue leads to missing...

CVSS 9.8 · AI score 5.8 · EPSS 0.00396
Exploits: 0 · References: 5

NVD
added 2022/12/03 4:15 p.m. · 12 views

CVE-2022-4275

A vulnerability has been found in House Rental System and classified as critical. Affected by this vulnerability is an unknown functionality of the file search-property.php of the component POST Request Handler. The manipulation of the argument searchproperty leads to sql injection. The attack ca...

CVSS 9.8 · EPSS 0.00628
Exploits: 1 · References: 2

NVD
added 2022/12/03 4:15 p.m. · 13 views

CVE-2022-4276

A vulnerability was found in House Rental System and classified as critical. Affected by this issue is some unknown functionality of the file tenant-engine.php of the component POST Request Handler. The manipulation of the argument idphoto leads to unrestricted upload. The attack may be launched...

CVSS 9.8 · EPSS 0.00584
Exploits: 1 · References: 2

Prion
added 2022/12/03 4:15 p.m. · 16 views

Sql injection

A vulnerability has been found in House Rental System and classified as critical. Affected by this vulnerability is an unknown functionality of the file search-property.php of the component POST Request Handler. The manipulation of the argument searchproperty leads to sql injection. The attack ca...

CVSS 7.5 · AI score 9.7 · EPSS 0.00628
Exploits: 1 · References: 2

CNNVD
added 2022/12/03 12:0 a.m. · 2 views

House Rental System code issue vulnerability

House Rental System is a rental management system that allows you to add, modify and delete listings and to place reservations. A security vulnerability exists in House Rental System due to unknown functionality in the component POST request handler file tenant-engine.php, where the operation of...

CVSS 9.8 · AI score 8.3 · EPSS 0.00584
Exploits: 1 · References: 3

Prion
added 2022/12/01 8:15 a.m. · 20 views

Cross site scripting

A vulnerability, which was classified as problematic, was found in Movie Ticket Booking System. Affected is an unknown function of the component POST Request Handler. The manipulation of the argument ORDERID leads to cross site scripting. It is possible to launch the attack remotely. The exploit...

CVSS 5.8 · AI score 6.1 · EPSS 0.00356
Exploits: 1 · References: 2

Cvelist
added 2022/12/01 12:0 a.m. · 18 views

CVE-2022-4249 Movie Ticket Booking System POST Request cross site scripting

A vulnerability, which was classified as problematic, was found in Movie Ticket Booking System. Affected is an unknown function of the component POST Request Handler. The manipulation of the argument ORDERID leads to cross site scripting. It is possible to launch the attack remotely. The exploit...

CVSS 3.5 · AI score 6.2 · EPSS 0.00356
Exploits: 1 · References: 2

CNNVD
added 2022/12/01 12:0 a.m. · 4 views

Movie Ticket Booking System cross-site scripting vulnerability

Movie Ticket Booking System is a movie ticket booking system by the individual developer Aman sharma. A security vulnerability exists in Movie Ticket Booking System, which stems from a problem with the unknown functionality of the component POST Request Handler, where manipulation of the paramete...

CVSS 6.1 · AI score 5.4 · EPSS 0.00356
Exploits: 1 · References: 3

Positive Technologies
added 2022/12/01 12:0 a.m. · 4 views

PT-2022-26456 · Unknown · Movie Ticket Booking System

Name of the Vulnerable Software and Affected Versions: Movie Ticket Booking System affected versions not specified. Description: A problematic issue was found in the Movie Ticket Booking System, affecting an unknown function of the component POST Request Handler. The manipulation of the ORDER ID...

CVSS 6.1 · AI score 5.9 · EPSS 0.00356
Exploits: 1 · References: 4