CVE-2023-27180
GDidees CMS v3.9.1 was discovered to contain a source code disclosure vulnerability by the backup feature which is accessible via /admin/backup.php...
CVE-2023-27180
GDidees CMS v3.9.1 is described in multiple sources as having a source code disclosure vulnerability through the backup feature exposed at /_admin/backup.php. The CVE report notes high impact with confidentiality loss (C:H) and no indicated integrity/availability impact, with an overall CVSSv3.1...
PT-2023-20993 · Unknown · Gdidees Cms
Name of the Vulnerable Software and Affected Versions: GDidees CMS version 3.9.1. Description: A source code disclosure issue was found in the backup feature of GDidees CMS, accessible via the "/_admin/backup.php" endpoint. This allows for potential access to sensitive information. Recommendations...
CVE-2023-24537
Calling any of the Parse functions on Go source code which contains //line directives with very large line numbers can cause an infinite loop due to integer overflow...
CVE-2023-24537 Infinite loop in parsing in go/scanner
Calling any of the Parse functions on Go source code which contains //line directives with very large line numbers can cause an infinite loop due to integer overflow...
CVE-2023-24537
CVE-2023-24537 affects the Go parser (go/parser) when processing Go source containing //line directives with very large line numbers, causing an infinite loop due to integer overflow. Documents confirm this vulnerability in golang/go and note that patched versions are available in affected distri...
Music Gallery Site v1.0 - SQL Injection on music_list.php
Exploit Title: Music Gallery Site v1.0 - SQL Injection on music_list.php Exploit Author: Muhammad Navaid Zafar Ansari Date: 21 February 2023 CVE Assigned: CVE-2023-0938 mitre.org nvd.nist.org Author Name: Muhammad Navaid Zafar Ansari Vendor Homepage: https://www.sourcecodester.com Software Link:...
GO-2023-1702 Infinite loop in parsing in go/scanner
Calling any of the Parse functions on Go source code which contains //line directives with very large line numbers can cause an infinite loop due to integer overflow...
Grepmarx - A Source Code Static Analysis Platform For AppSec Enthusiasts
Grepmarx is a web application providing a single platform to quickly understand, analyze and identify vulnerabilities in possibly large and unknown code bases. Features: SAST (Static Analysis Security Testing) capabilities: Multiple languages support: C/C++, C#, Go, HTML, Java, Kotlin, JavaScript,...
CVE-2020-23259
An issue found in Jsish v.3.0.11 and before allows an attacker to cause a denial of service via the JsiStrlen function in the src/jsiChar.c file...
CVE-2022-48435
In JetBrains PhpStorm before 2023.1 source code could be logged in the local idea.log file...
Design/Logic Flaw
In JetBrains PhpStorm before 2023.1 source code could be logged in the local idea.log file...
CVE-2022-48435
CVE-2022-48435 affects JetBrains PhpStorm prior to 2023.1. The vulnerability allows source code to be logged in the local idea.log file due to how PhpStorm handles logging. Reported across multiple sources (NVD/Red Hat/CNNVD and related notices). Impact is framed as information disclosure within ...
PT-2023-15778 · Jetbrains · Phpstorm
Name of the Vulnerable Software and Affected Versions: JetBrains PhpStorm versions prior to 2023.1 Description: The issue allows source code to be logged in the local idea.log file. Recommendations: For versions prior to 2023.1, update to version 2023.1 or later to resolve the issue...
NetIQ / Microfocus Performance Endpoint 5.1 Remote Root / SYSTEM
Exploit Title: NetIQ/Microfocus Performance Endpoint v5.1 - remote root/SYSTEM exploit Date: Jun 2007 Exploit Author: mu-b Vendor Homepage: https://www.microfocus.com/en-us/cyberres/identity-access-management Version: All Tested on: Windows / Solaris x86/SPARC CVE : 0day endpoint-pown-uni.c...
Expense Tracker SQL Injection Vulnerability
Expense Tracker is an expense tracker organized by SourceCode and Projects. Earnings and Expense Tracker App version 1.0 suffers from a SQL injection vulnerability that originates from a sql injection via parameter id...