102 matches found
SAP MDM Server Security Vulnerability
SAP MDM Server is an MDM server from SAP, Germany. A security vulnerability exists in SAP MDM Server that stems from a flaw in the session control mechanism and could allow an attacker to perform non-sensitive operations or consume resources without re-authentication...
PT-2025-24489 · Lambertgroup · Lambertgroup Universal Video Player
Name of the Vulnerable Software and Affected Versions: LambertGroup Universal Video Player versions 3.8.3 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This means that a...
CVE-2023-51447
Decidim is a participatory democracy framework. Starting in version 0.27.0 and prior to versions 0.27.5 and 0.28.0, the dynamic file upload feature is subject to potential cross-site scripting attacks in case the attacker manages to modify the file names of the records being uploaded to the serve...
CVE-2022-41542
devhub 0.102.0 was discovered to contain a broken session control...
Unable to take control during a Teams session with a Linux Workspace
Unable to take control during a Teams session with a Linux Workspace...
python-asyncssh: Rogue Session Attack
A flaw was found in python-asyncssh versions before 2.14.1, where the client can log in to the attacker's account without the client being able to detect this. This flaw allows an attacker to control the remote end of the SSH session completely, resulting in a complete break of the confidentiali...
PT-2025-20220 · Woobox · Woobox
Name of the Vulnerable Software and Affected Versions: Woobox versions n/a through 1.6 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. Specifically, it is a DOM-Based XSS vulnerability, which allows attackers to...
Online Exam Mastering System 1.0 Cross Site Scripting
Online Exam Mastering System version 1.0 suffers from a cross site scripting vulnerability. Exploit Title: code-projects Online Exam Mastering System 1.0 - Reflected Cross-Site Scripting XSS Google Dork: inurl:/exam/feedback.php Date: 2025-04-19 Exploit Author: Pruthu Raut Vendor Homepage:...
PT-2025-17181 · Crm Perks · Crm Perks
Name of the Vulnerable Software and Affected Versions: CRM Perks versions 1.1.7 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. Specifically, it is a Reflected XSS vulnerability, which means that an...
PT-2025-17070 · Woocommerce · 17Track For Woocommerce
Name of the Vulnerable Software and Affected Versions: 17TRACK for WooCommerce versions 1.2.10 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This means an attacker can...
PT-2025-17063 · WordPress · Wp Video Posts
Name of the Vulnerable Software and Affected Versions: WP Video Posts versions 3.5.1 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This means that an attacker can inject...
PT-2025-17143 · Pootlepress · Pootlepress Mobile Pages
Name of the Vulnerable Software and Affected Versions: pootlepress Mobile Pages versions 1.0.0 through 1.0.2 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This means that an attacke...
PT-2025-17075 · Deetronix · Deetronix Booking Ultra Pro
Name of the Vulnerable Software and Affected Versions: Deetronix Booking Ultra Pro versions 1.1.19 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This means that an...
CVE-2025-21447
Memory corruption may occur while processing device IO control call for session control...
CVE-2025-21447 Improper Validation of Array Index in Computer Vision
Memory corruption may occur while processing device IO control call for session control...
CVE-2025-21447
CVE-2025-21447 affects Qualcomm Snapdragon chipsets. The issue is memory corruption occurring when processing a device IOCTL call for session control, caused by an underlying vulnerability in the IOCTL handling path. The provided sources (NVD/Red Hat/CVE record and related feeds) confirm the memo...
CVE-2024-4822
Vulnerability in School ERP Pro+Responsive 1.0 that allows XSS via the username and password parameters in '/index.php'. This vulnerability allows an attacker to partially take control of the victim's browser session...