SQL Injection

Overview glpi/glpi is a free Asset and IT Management Software package with ITIL Service Desk, licenses tracking and software auditing. Affected versions of this package are vulnerable to SQL Injection via the Search process. An attacker can execute arbitrary SQL commands on the underlying databas...

The vulnerability of Trend Micro Apex One and Apex One as a Service anti-virus software lies in its uncontrolled search path. This allows attackers to escalate their privileges and execute arbitrary code within the SYSTEM context.

The vulnerability of the Data Loss Prevention module in Trend Micro’s anti-virus software programs Apex One and Apex One as a Service is related to an uncontrolled element in the search process. Exploiting this vulnerability can allow attackers to enhance their privileges and execute arbitrary co...

The vulnerability of the Data Loss Prevention module of Trend Micro Apex One and Apex One as a Service allows a perpetrator to execute arbitrary code.

The vulnerability of the Data Loss Prevention module in Trend Micro Apex One and Apex One as a Service antivirus software is related to an uncontrolled element in the search process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to execute arbitrary code using a...

The vulnerability of the IBM i operating system, related to an uncontrolled element in the search process, allows a perpetrator to execute arbitrary code with administrator privileges.

The vulnerability of the IBM i operating system is related to an uncontrolled element in the search process. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...

The vulnerability in the Jupyter Core environment for interactive code development and execution, related to an uncontrolled element in the search process, allows attackers to exploit their privileges.

The vulnerability in the Jupyter Core environment for interactive code development and execution is related to an uncontrolled element in the search process. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of the SAP Product Lifecycle Costing Client software lies in its uncontrolled search mechanism, which allows attackers to disclose sensitive information.

The vulnerability of the SAP Product Lifecycle Costing Client software is related to an uncontrollable element in the search process. Exploiting this vulnerability can allow attackers to disclose sensitive information...

The vulnerability of the needrestart utility, related to the uncontrolled element in the search process, allows a hacker to execute arbitrary code in the context of the root user.

The vulnerability of the needrestart utility is related to an uncontrolled element in the search process. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the root user by manipulating the PYTHONPATH variable during Python initialization...

The vulnerability of the Okta Verify multi-factor authentication application update service for Windows operating systems allows a perpetrator to execute arbitrary code.

The vulnerability of the Okta Verify multi-factor authentication application update service for Windows operating systems is related to an uncontrolled element in the search process. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code...

The vulnerability of the ISE Posture (System Scan) module of the Cisco Secure Client (formerly Cisco AnyConnect Secure Mobility Client) security solution allows attackers to enhance their privileges.

The vulnerability of the ISE Posture System Scan module of the Cisco Secure Client formerly Cisco AnyConnect Secure Mobility Client security solution is related to an uncontrolled element in the search process. Exploiting this vulnerability can allow attackers to increase their privileges...

The vulnerability of the client installer for conducting real-time audio and video conferences in Zoom Client for Meetings for macOS, allowing a intruder to escalate their privileges.

The vulnerability of the client installer for conducting real-time audio and video conferences in Zoom Client for Meetings for macOS is related to an uncontrolled element in the search process. Exploiting this vulnerability can allow attackers to enhance their privileges...

RecoverPy - Interactively Find And Recover Deleted Or Overwritten Files From Your Terminal

You can already find plenty of solutions to recover deleted files, but it can be a hassle to recover overwritten files. RecoverPy searches through every block of your partition to find your request. Demo Installation  RecoverPy is currently only available on Linux systems. Dependancies Mandatory...

The vulnerability of the VideoXpert OpsCenter software, related to an uncontrolled element in the search process, allows a intruder to execute arbitrary code using specially uploaded DLL files.

The vulnerability of the VideoXpert OpsCenter surveillance system software is related to an uncontrolled element in the search process. Exploiting this vulnerability could allow a perpetrator to execute arbitrary code using specially uploaded DLL files...

The vulnerability of the DLL library loading mechanism used by Cisco Immunet and Cisco Advanced Malware Protection allows a malicious actor to execute arbitrary code with elevated privileges.

The vulnerability of the DLL library loading mechanism used by Cisco Immunet and Cisco Advanced Malware Protection is related to an uncontrolled element in the search process. Exploiting this vulnerability allows a attacker to execute arbitrary code with elevated privileges...

The vulnerability of the zenone32.exe editor in the COPA-DATA SCADA system allows a intruder to execute arbitrary code.

The vulnerability of the zenone32.exe editor in the COPA-DATA SCADA system is related to an uncontrolled element in the search process. Exploiting this vulnerability could allow a perpetrator to execute arbitrary code...

gute-reisen-online.com XSS vulnerability

Open Bug Bounty ID: OBB-401428 Description| Value ---|--- Affected Website:| gute-reisen-online.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention...

wcf.vu.edu.au XSS vulnerability

Vulnerable URL: http://wcf.vu.edu.au/pathways/SearchProcess.cfm Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated Google Pagerank| 0 VIP website status:| No Check wcf.vu.edu.au SSL...

Unfixed XSS vulnerability at www.snowlionpub.com

Security researcher pSyChOmOnkee, has submitted on 14/05/2008 a cross-site-scripting XSS vulnerability affecting www.snowlionpub.com, which at the time of submission ranked 488363 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 06/06/2008. It i...