191 matches found
SQL Injection Vulnerability in the Frontend of Nanjing Benan Work Safety Accident Hidden Trouble Detection and Management Information System V2.3
Nanjing Benan Instrumentation Systems Co., Ltd. is committed to the design and development of hardware and software products in the field of safety production. SQL injection vulnerability exists in the front-end of Nanjing Benan's Hidden Accident Investigation and Management Information System...
cloud.agileframework:agile-security (>=2.1.0.M8 <=2.2.0.M7), cloud.agileframework:spring-boot-starter-kaptcha (>=2.1.0.M8 <=2.2.0.M7) +234 more potentially affected by CVE-2018-18531 via com.github.penggle:kaptcha (=2.3.2)
com.github.penggle:kaptcha MAVEN version =2.3.2 is affected by a known vulnerability. The following packages have a transitive dependency on com.github.penggle:kaptcha and may be impacted: - cloud.agileframework:agile-security =2.1.0.M8, =2.1.0.M8, =1.0.0-2024, =1.0.0-2024, =1.0.0-2024, =1.0.0,...
SV3C L-SERIES HD CAMERA Cross-Site Scripting Vulnerability
SV3C L-SERIES HD CAMERA is a webcam product from SV3C Technology, China. A cross-site scripting vulnerability exists in SV3C L-SERIES HD CAMERA version V2.3.4.2103-S50-NTD-B20170508B, which originates from the program failing to properly validate user-submitted input. The vulnerability can be...
CloudBees Jenkins TraceTronic ECU-TEST Plugin Server-Side Request Forgery Vulnerability
CloudBees Jenkins is a suite of Java-based continuous integration tools from CloudBees, Inc. that are used to monitor ongoing software releases/testing projects and some timed tasks.TraceTronic ECU-TEST Plugin is an automated test software for embedded systems that uses... TraceTronic ECU-TEST...
Zivif PR115-204-P-RS Remote Command Injection Vulnerability
The Zivif PR115-204-P-RS is a webcam device. A remote command injection vulnerability exists in Zivif PR115-204-P-RS version 2.3.4.2103. A remote attacker can exploit this vulnerability to inject arbitrary commands...
systemd-resolved denial of service vulnerability
systemd-resolved is a system service used to manage network name resolution. A denial of service vulnerability exists in systemd-resolved version 233 and earlier. A remote attacker could use this vulnerability to cause a denial of service daemon crash with a specially crafted DNS response...
MantisBT 'Timeline include' page cross-site scripting vulnerability
MantisBT is a Web-based open source defect tracking system of the MantisBT team . The system provides project management and defect tracking services in the form of Web operations. A cross-site scripting vulnerability exists in the Timeline include page used in the My View myviewpage.php and User...
Exponent CMS 'src' Parameter SQL Injection Vulnerability
Exponent CMS is a free, open source PHP-based modular content management system CMS of the U.S. OIC Group of companies. The system supports direct editing in the page, and provides user management, site configuration, content editing and other functions. Exponent CMS version 2.3.9 suffers from a...
Exponent CMS 'version' Parameter SQL Injection Vulnerability
Exponent CMS is a free, open source PHP-based modular content management system CMS of the U.S. OIC Group of companies. The system supports direct editing in the page, and provides user management, site configuration, content editing and other functions. Exponent CMS version 2.3.9 suffers from a...
PT-2012-4689 · Moodle · Moodle
Name of the Vulnerable Software and Affected Versions: Moodle versions 2.0.x through 2.0.9 Moodle versions 2.1.x through 2.1.6 Moodle versions 2.2.x through 2.2.3 Moodle versions 2.3.x through 2.3.0 Description: A cross-site scripting XSS issue exists, allowing remote authenticated administrators...
PT-2009-4839 · Ruby · Ruby On Rails
Name of the Vulnerable Software and Affected Versions: Ruby on Rails versions prior to 2.3.3 Description: The issue concerns the digest authentication functionality in Ruby on Rails, where the example code defines an authenticate or request with http digest block that returns nil instead of false...