CVE-2024-22457
Dell Secure Connect Gateway 5.20 contains an improper authentication vulnerability during the SRS to SCG update path. A remote low privileged attacker could potentially exploit this vulnerability, leading to impersonation of the server through presenting a fake self-signed certificate and...
Dell Secure Connect Gateway Security Vulnerability
Dell Secure Connect Gateway is a secure connectivity gateway from Dell USA. A security vulnerability exists in Dell Secure Connect Gateway that stems from incorrect authentication during the SRS to SCG update path...
PT-2024-19435 · Dell · Dell Secure Connect Gateway
Name of the Vulnerable Software and Affected Versions: Dell Secure Connect Gateway version 5.20 Description: The issue is related to an improper authentication vulnerability that occurs during the SRS to SCG update path. A remote low privileged attacker could potentially exploit this, leading to...
CVE-2023-45115
Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'ch' parameter of the /update.php?q=addqns resource does not validate the characters received and they are sent unfiltered to the database...
GHSA-R222-MCFF-27FF Cross-Site Request Forgery in JFinalCMS via /admin/div/update
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/div/update...
CVE-2023-25432
An issue was discovered in Online Reviewer Management System v1.0. There is a SQL injection that can directly issue instructions to the background database system via reviewer0/admins/assessments/course/course-update.php...
SUSE CVE-2013-3706
Directory traversal vulnerability in the PreBoot service in Novell ZENworks Configuration Management (ZCM) 11.2 allows remote attackers to read arbitrary files via a .. (dot dot) in a preboot update pathname, aka ZDI-CAN-1595...
Online Tours & Travels Management System SQL Injection Vulnerability
Online Tours & Travels Management System is an online travel management system by Mayuri K., an individual developer. A SQL injection vulnerability exists in Online Tours & Travels Management System version v1.0 due to a lack of validation of the id parameter in its /admin/updateexpensecategory.php...
CVE-2022-27429
Jizhicms v1.9.5 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via /admin.php/Plugins/update.html...
Path traversal
A malicious application may be able to break out of its sandbox. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina. A path handling issue was addressed with improved validation...
Opto 22 SoftPAC Project Data Forgery Issue Vulnerability
Opto 22 SoftPAC Project is an automation software suite from Opto 22 USA. The product is capable of providing industrial automation, process control, building automation, remote monitoring, data acquisition and industrial IoT. A data forgery issue vulnerability exists in Opto 22 SoftPAC Project...
PT-2019-9623 · Gnuboard · Gnuboard5
Name of the Vulnerable Software and Affected Versions: GNUBOARD5 versions prior to 5.3.2.0 Description: The issue allows remote attackers to inject arbitrary web script or HTML via the gr 110 parameter in the adm/boardgroup form update.php endpoint, specifically through the "board group extra...
CVE-2019-7383
An issue was discovered on Systrome Cumilon ISG-600C, ISG-600H, and ISG-800W devices with firmware V1.1-R2.1TRUNK-20181105.bin. A shell command injection occurs by editing the description of an ISP file. The file network/isp/ispupdateedit.php does not properly validate user input, which leads to...
CVE-2018-20563
An issue was discovered in DouCo DouPHP 1.5 20181221. admin/mobile.php?rec=system&act=update has XSS via the mobilename parameter...
SRCMS Cross-Site Request Forgery Vulnerability (CNVD-2019-08317)
SRCMS is a security emergency response and defect management software, dedicated to providing large, medium and small businesses and organizations with "the most agile, secure and beautiful security emergency response center building solutions to help companies build their own security emergency...
CVE-2018-17045
An issue was discovered in CMS MaeloStore V.1.5.0. There is a CSRF vulnerability that can change the administrator password via admin/modul/users/aksiusers.php?act=update...
MGASA-2016-0016 Updated roundcubemail packages fix security vulnerability
The roundcubemail package has been updated to version 1.0.8, which fixes a path traversal issue and other bugs. See the upstream release announcement for more details...
xorg security update
CentOS Errata and Security Advisory CESA-2013:0502 Updated core client packages for the X Window System that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low...
How to Move the VBRCatalog Folder
Purpose This article documents the procedure for moving the VBRCatalog folder. Solution VBRCatalog Location Requirements The VBRCatalog folder must be on the root of a given drive letter. Example: C:\VBRCatalog\ or D:\VBRCatalog\ The VBRCatalog cannot be redirected to a CIFS share or mapped netwo...