22 matches found
EUVD-2026-42019
Missing Authorization vulnerability in Armiya Information Technologies Ltd. Co. Access Control System GKS allows Collect Data from Common Resource Locations. This issue affects Access Control System GKS: before Version 2...
CVE-2026-8377 Improper Authorization in Armiya Technologies' Access Control System
Missing Authorization vulnerability in Armiya Information Technologies Ltd. Co. Access Control System GKS allows Collect Data from Common Resource Locations. This issue affects Access Control System GKS: before Version 2...
EUVD-2024-47870
Malicious code in bioql PyPI...
EUVD-2024-48087
Malicious code in bioql PyPI...
CVE-2024-7107
Files or Directories Accessible to External Parties vulnerability in National Keep Cyber Security Services CyberMath allows Collect Data from Common Resource Locations. This issue affects CyberMath: before CYBM.240816253...
CVE-2024-13240
Improper Access Control vulnerability in Drupal Open Social allows Collect Data from Common Resource Locations.This issue affects Open Social: from 0.0.0 before 12.05...
CVE-2024-13240
Improper Access Control vulnerability in Drupal Open Social allows Collect Data from Common Resource Locations.This issue affects Open Social: from 0.0.0 before 12.05...
CVE-2024-13241 Open Social - Moderately critical - Information Disclosure - SA-CONTRIB-2024-005
Improper Authorization vulnerability in Drupal Open Social allows Collect Data from Common Resource Locations.This issue affects Open Social: from 0.0.0 before 12.0.5...
CVE-2024-6400
Cleartext Storage of Sensitive Information, Exposure of Sensitive Information Through Data Queries vulnerability in Finrota Netahsilat allows Retrieve Embedded Sensitive Data, Authentication Bypass, IMAP/SMTP Command Injection, Collect Data from Common Resource Locations. This issue solved in...
CVE-2024-7107
Files or Directories Accessible to External Parties vulnerability in National Keep Cyber Security Services CyberMath allows Collect Data from Common Resource Locations. This issue affects CyberMath: before CYBM.240816253...
CVE-2024-7107
Files or Directories Accessible to External Parties vulnerability in National Keep Cyber Security Services CyberMath allows Collect Data from Common Resource Locations.This issue affects CyberMath: before CYBM.240816253...
CVE-2024-7107
CVE-2024-7107 affects National Keep Cyber Security Services’ CyberMath. A directory traversal/file-access vulnerability allows external parties to collect data from common resource locations in CyberMath versions before CYBM.240816253. The issue is described across multiple sources (Red Hat, CVE ...
PT-2024-38080 · National Keep Cyber Security Services · Cybermath
Name of the Vulnerable Software and Affected Versions: CyberMath versions before CYBM.240816253 Description: The issue affects National Keep Cyber Security Services' CyberMath, allowing external parties to access files or directories and collect data from common resource locations. Recommendation...
CVE-2024-6878
Files or Directories Accessible to External Parties vulnerability in Eliz Software Panel allows Collect Data from Common Resource Locations. This issue affects Panel: before v2.3.24...
CVE-2024-6878
Files or Directories Accessible to External Parties vulnerability in Eliz Software Panel allows Collect Data from Common Resource Locations. This issue affects Panel: before v2.3.24...
CVE-2023-1246
Files or Directories Accessible to External Parties vulnerability in Saysis Starcities allows Collect Data from Common Resource Locations.This issue affects Starcities: through 1.3...
Xxe
Files or Directories Accessible to External Parties vulnerability in Saysis Starcities allows Collect Data from Common Resource Locations.This issue affects Starcities: through 1.3...
CVE-2023-1246 Files or Directories Accessible to External Parties in Saysis Starcities
Files or Directories Accessible to External Parties vulnerability in Saysis Starcities allows Collect Data from Common Resource Locations. This issue affects Starcities: through 1.3...
Keycloak Reflected XSS
It was found that Keycloak would accept a HOST header URL in the admin console and use it to determine web resource locations. An attacker could use this flaw against an authenticated user to attain reflected XSS via a malicious server...
Open Source Database Fuzzing: FuzzDB
FuzzDB is the most comprehensive Open Source database of malicious inputs, predictable resource names, greppable strings for server response messages, and other resources like web shells. It’s like an application security scanner, without the scanner. What’s in FuzzDB? Predictable Resource...