174 matches found
JetBrains Hub server-side request forgery vulnerability
JetBrains Hub is a web-based application from JetBrains Czech Republic. JetBrains Hub has a server-side request forgery vulnerability that stems from the software's lack of validation for request forgery, which can be exploited by attackers to conduct server-side request forgery SSRF attacks...
JetBrains Hub has an unspecified vulnerability (CNVD-2022-17757)
JetBrains Hub is a web-based application from JetBrains Czech Republic. The application is capable of integrating multiple JetBrains team tools together.A security vulnerability exists in versions prior to JetBrains Hub 2022.1.14434, which stems from allowing SAML requests to take over. No detail...
Sourcecodester Hospital Patient Records Management System SQL注入漏洞
Sourcecodester Hospital Patient Records Management System is a web-based application that provides an automated platform for hospitals to store and manage their patient records. sourcecodester Hospital Patient Record Management System v1.0 is vulnerable to SQL injection. The vulnerability is caus...
Sourcecodester Hospital Patient Records Management System SQL注入漏洞(CNVD-2022-48763)
Sourcecodester Hospital Patient Records Management System is a web-based application that provides an automated platform for hospitals to store and manage their patient records. sourcecodester Hospital Patient Record Management System v1.0 is vulnerable to SQL injection. The vulnerability is caus...
Sourcecodester Hospital Patient Records Management System本地文件包含漏洞
Sourcecodester Hospital Patient Records Management System is a web-based application that provides hospitals with an automated platform to store and manage their patient records. sourcecodester Hospital Patient Record Management System v1.0 contains a local file inclusion vulnerability that can b...
JetBrains Hub 跨站脚本漏洞
JetBrains Hub is a web-based application from JetBrains Czech Republic. The application is able to integrate multiple JetBrains team tools together. JetBrains Hub has a cross-site scripting vulnerability that can be exploited by attackers to execute XSS attacks...
CVE-2022-24707 SQL injection in anuko timetracker
Anuko Time Tracker is an open source, web-based time tracking application written in PHP. UNION SQL injection and time-based blind injection vulnerabilities existed in Time Tracker Puncher plugin in versions of anuko timetracker prior to 1.20.0.5642. This was happening because the Puncher plugin...
Sourcecodester Hospital Patient Records Management System跨站脚本漏洞(CNVD-2022-48765)
Sourcecodester Hospital Patient Records Management System is a web-based application that provides hospitals with an automated platform to store and manage their patient records. sourcecodester Hospital Patient Records Management System is vulnerable to a cross-site scripting vulnerability that...
K-Box Cross-Site Scripting Vulnerability
K-Box is a web-based application used to manage document, image, video and geographic data. A cross-site scripting vulnerability exists in K-Box, which stems from the fact that the editors of the product's user document summaries and markdown file previews do not securely handle special character...
CVE-2022-23637
K-Box is a web-based application to manage documents, images, videos and geodata. Prior to version 0.33.1, a stored Cross-Site-Scripting XSS vulnerability is present in the markdown editor used by the document abstract and markdown file preview. A specifically crafted anchor link can, if clicked,...
Cross site scripting
K-Box is a web-based application to manage documents, images, videos and geodata. Prior to version 0.33.1, a stored Cross-Site-Scripting XSS vulnerability is present in the markdown editor used by the document abstract and markdown file preview. A specifically crafted anchor link can, if clicked,...
CVE-2022-23637
K-Box (web-based document/image/geodata manager) contains a stored XSS vulnerability in the markdown editor used for document abstracts and markdown previews. The issue arises from unsafely handled input in the editor, where a crafted anchor link can trigger untrusted JavaScript actions (e.g., co...
CVE-2022-23637 Stored Cross-Site-Scripting (XSS) in Markdown Editor
K-Box is a web-based application to manage documents, images, videos and geodata. Prior to version 0.33.1, a stored Cross-Site-Scripting XSS vulnerability is present in the markdown editor used by the document abstract and markdown file preview. A specifically crafted anchor link can, if clicked,...
SourceCodester Simple Cold Storage Management System信息泄露漏洞
Sourcecodester Simple Cold Storage Management System is a web-based application used as a cold storage business website to provide their customers or potential customers with an easy-to-access platform to learn about their company. sourceCodester Simple Cold Storage Management System has a securi...
Sourcecodester Simple Client Management System SQL注入漏洞
Sourcecodester Simple Client Management System is a simple web-based application that provides an online platform to manage company customer invoices. sourcecodester Simple Client Management System is vulnerable to SQL injection vulnerability, which stems from the application's lack of validation...
Sourcecodester Hospital Patient Records Management System 跨站脚本漏洞
SourceCodester Hospital Patient Records Management System is a web-based PHP application that provides an automated platform for hospitals to store and manage their patient records. A cross-site scripting vulnerability exists in version 1.0 of the Management System. The vulnerability is related t...
SourceCodester Hospital Patient Records Management System horizontal override vulnerability
SourceCodester Hospital Patient Records Management System is a web-based application that provides an automated platform for hospitals to store and manage their patient records. sourceCodester Hospital Patient Records Management System version 1.0 contains a horizontal override vulnerability, whi...
SourceCodester Online Railway Reservation system SQL注入漏洞
SourceCodester Online Railway Reservation system is a web-based application that provides an online platform for rail or train station passengers or potential passengers to browse their schedules and reserve seats. sourceCodester Online Railway Reservation system is vulnerable to a SQL injection...
SourceCodester Budget and Expense Tracker System SQL注入漏洞
SourceCodester Budget And Expense Tracker System is a web-based application from Carlo Montero's personal developer. SourceCodester Budget and Expense Tracker System is vulnerable in v1.0 due to a lack of SQL data escaping and filtering in the software. An attacker could use the user name field t...
Cisco Unified Contact Center Management Portal和Cisco Unified Contact Center Domain Manager 安全漏洞
Cisco Unified Contact Center Management Portal and Cisco Unified Contact Center Domain Manager are both products of Cisco Corporation. Management Portal is an intuitive and secure Web-based application that allows supervisors and managers to meet the complex and changing demands of the contact...