CVE-2023-2046 SQLi in Yontem Vehicle TrackingSsystem

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Yontem Informatics Vehicle Tracking System allows SQL Injection. This issue affects Vehicle Tracking System: before 8...

CVE-2023-2046 SQLi in Yontem Vehicle TrackingSsystem

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Yontem Informatics Vehicle Tracking System allows SQL Injection. This issue affects Vehicle Tracking System: before 8...

PT-2023-17442 · Yontem Informatics · Yontem Informatics Vehicle Tracking System

Name of the Vulnerable Software and Affected Versions: Yontem Informatics Vehicle Tracking System versions prior to 8 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attack...

CVE-2023-2065

Authorization Bypass Through User-Controlled Key vulnerability in Armoli Technology Cargo Tracking System allows Authentication Abuse, Authentication Bypass. This issue affects Cargo Tracking System: before 3558f28...

CVE-2023-2065

Authorization Bypass Through User-Controlled Key vulnerability in Armoli Technology Cargo Tracking System allows Authentication Abuse, Authentication Bypass. This issue affects Cargo Tracking System: before 3558f28...

Authorization

Authorization Bypass Through User-Controlled Key vulnerability in Armoli Technology Cargo Tracking System allows Authentication Abuse, Authentication Bypass.This issue affects Cargo Tracking System: before 3558f28...

CVE-2023-2065

CVE-2023-2065 concerns Armoli Technology Cargo Tracking System. Affected: Cargo Tracking System versions before 3558f28. Root cause: Authorization Bypass via a user-controlled key, enabling authentication abuse. Impact: high confidentiality, integrity, and availability (per CVSS 3.1, base score 8...

CVE-2023-2065 IDOR in Armoli Technology's Cargo Tracking System

Authorization Bypass Through User-Controlled Key vulnerability in Armoli Technology Cargo Tracking System allows Authentication Abuse, Authentication Bypass. This issue affects Cargo Tracking System: before 3558f28...

CVE-2023-2065 IDOR in Armoli Technology's Cargo Tracking System

Authorization Bypass Through User-Controlled Key vulnerability in Armoli Technology Cargo Tracking System allows Authentication Abuse, Authentication Bypass. This issue affects Cargo Tracking System: before 3558f28...

Armoli Technology Cargo Tracking System 安全漏洞

Armoli Technology Cargo Tracking System is a cargo tracking system from Armoli Technology. A security vulnerability exists in Armoli Technology Cargo Tracking System versions prior to 3558f28. An attacker could use this vulnerability to bypass authentication...

PT-2023-17518

Name of the Vulnerable Software and Affected Versions Armoli Technology Cargo Tracking System versions before 3558f28 Description The issue is related to an Authorization Bypass Through User-Controlled Key vulnerability, allowing authentication abuse and bypass. This vulnerability enables potenti...

CVE-2023-32308

The CVE-2023-32308 entry concerns anuko timetracker, an open-source time-tracking system. A Boolean-based blind SQL injection existed in Time Tracker’s invoices.php for versions prior to 1.22.11.5781, caused by a coding error after validating POST parameters and lack of an error check before adju...

CVE-2023-32306

Time Tracker vulnerability CVE-2023-32306 exists in the Reports feature (reports.php) of Time Tracker prior to version 1.22.13.5792. A time-based blind SQL injection arises because several POST parameters aren’t properly validated, enabling crafted requests to inject SQL into the Time Tracker dat...

OpenCATS Cross-Site Scripting Vulnerability (CNVD-2023-29368)

OpenCATS is a leading open source applicant tracking system for recruiters and companies. A security vulnerability exists in OpenCats v0.9.7. An attacker could use the vulnerability to execute arbitrary web script or HTML by injecting a specially crafted payload into the state parameter of...

Debian: Security Advisory (DLA-512-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Atlassian Jira 授权问题漏洞

Atlassian Jira is a defect tracking management system from Atlassian Australia. The system is used to track and manage all types of issues and defects in the workplace. Atlassian Jira suffers from an authorization issue vulnerability that can be exploited by an attacker to bypass authentication b...

CVE-2021-43779

GLPI is an open source IT Asset Management, issue tracking system and service desk system. The GLPI addressing plugin in versions 2.9.1 suffers from authenticated Remote Code Execution vulnerability, allowing access to the server's underlying operating system using command injection abuse of...

Remote code execution

GLPI is an open source IT Asset Management, issue tracking system and service desk system. The GLPI addressing plugin in versions 2.9.1 suffers from authenticated Remote Code Execution vulnerability, allowing access to the server's underlying operating system using command injection abuse of...

CVE-2021-43779

CVE-2021-43779 affects GLPI with the addressing plugin in versions

CVE-2020-1032

creationtimestamp| type| source ---|---|--- 2021-11-08 08:58:18+00:00| seen| MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422...