PT-2026-1494

Name of the Vulnerable Software and Affected Versions InWave Jobs versions through 3.5.8 Description The Sfwebservice InWave Jobs software contains a missing authorization issue, allowing exploitation of incorrectly configured access control security levels. An unauthenticated attacker can execut...

PT-2024-22339 · Ngrinder · Ngrinder

Name of the Vulnerable Software and Affected Versions: nGrinder versions prior to 3.5.9 Description: The issue allows remote attackers to execute arbitrary code via unsafe Java objects deserialization. This is possible because the software accepts serialized Java objects from unauthenticated user...

PT-2024-22338 · Ngrinder +1 · Ngrinder +1

Name of the Vulnerable Software and Affected Versions: nGrinder versions prior to 3.5.9 Description: The issue is related to the use of an old version of SnakeYAML in nGrinder, which could allow a remote attacker to execute arbitrary code via unsafe deserialization. Recommendations: For versions...

PT-2024-22340 · Ngrinder · Ngrinder

Name of the Vulnerable Software and Affected Versions: nGrinder versions prior to 3.5.9 Description: The issue allows an attacker to set a delay without limitation, potentially causing a Denial of Service. This could be exploited by a remote attacker. Recommendations: For versions prior to 3.5.9,...