1225 matches found
CVE-2024-41618
Money Manager EX WebApp web-money-manager-ex 1.2.2 is vulnerable to SQL Injection in the transactiondeletegroup function. The vulnerability is due to improper sanitization of user input in the TrDeleteArr parameter, which is directly incorporated into an SQL query...
CVE-2024-41617
Money Manager EX WebApp web-money-manager-ex 1.2.2 is vulnerable to Incorrect Access Control. The redirectifnotloggedin function in functionssecurity.php fails to terminate script execution after redirecting unauthenticated users. This flaw allows an unauthenticated attacker to upload arbitrary...
CVE-2024-41617
Money Manager EX WebApp web-money-manager-ex 1.2.2 is vulnerable to Incorrect Access Control. The redirectifnotloggedin function in functionssecurity.php fails to terminate script execution after redirecting unauthenticated users. This flaw allows an unauthenticated attacker to upload arbitrary...
CVE-2024-41618
CVE-2024-41618 affects Money Manager EX WebApp (web-money-manager-ex) 1.2.2 and is caused by improper sanitization of the TrDeleteArr parameter in transaction_delete_group, allowing SQL injection. The vulnerability is described consistently across Red Hat, NVD, OSV, CNNVD, CVEList/CVE pages, and ...
CVE-2024-41617
Money Manager EX WebApp (web-money-manager-ex) 1.2.2 is vulnerable to Incorrect Access Control: the redirect_if_not_loggedin function in functions_security.php does not terminate after redirecting unauthenticated users. This allows an unauthenticated attacker to upload arbitrary files, potentiall...
CVE-2024-41617
Money Manager EX WebApp web-money-manager-ex 1.2.2 is vulnerable to Incorrect Access Control. The redirectifnotloggedin function in functionssecurity.php fails to terminate script execution after redirecting unauthenticated users. This flaw allows an unauthenticated attacker to upload arbitrary...
CVE-2024-41617
Money Manager EX WebApp web-money-manager-ex 1.2.2 is vulnerable to Incorrect Access Control. The redirectifnotloggedin function in functionssecurity.php fails to terminate script execution after redirecting unauthenticated users. This flaw allows an unauthenticated attacker to upload arbitrary...
CVE-2024-41618
Money Manager EX WebApp web-money-manager-ex 1.2.2 is vulnerable to SQL Injection in the transactiondeletegroup function. The vulnerability is due to improper sanitization of user input in the TrDeleteArr parameter, which is directly incorporated into an SQL query...
CVE-2024-41618
Money Manager EX WebApp web-money-manager-ex 1.2.2 is vulnerable to SQL Injection in the transactiondeletegroup function. The vulnerability is due to improper sanitization of user input in the TrDeleteArr parameter, which is directly incorporated into an SQL query...
Malicious code in intl.walmart.cca.webapp (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f663678906f8c3cc94e69d26183d0757c295a9f04195749cd05c3260b980db1c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
The vulnerability of WebApp installations for browsers Google Chrome and Microsoft Edge allows a hacker to replace the user interface.
The vulnerability of WebApp Installs components in Google Chrome and Microsoft Edge is related to improper security checks for standard elements. Exploiting this vulnerability allows a malicious actor to replace the user interface with a specially crafted HTML page...
openSUSE 15 Security Update : chromium (openSUSE-SU-2024:0258-2)
The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2024:0258-2 advisory. - Chromium 128.0.6613.84 boo1229591 CVE-2024-7964: Use after free in Passwords CVE-2024-7965: Inappropriate implementation in V8 CVE-2024-7966: O...
OPENSUSE-SU-2024:0258-2 Security update for chromium
This update for chromium fixes the following issues: - Chromium 128.0.6613.84 boo1229591 CVE-2024-7964: Use after free in Passwords CVE-2024-7965: Inappropriate implementation in V8 CVE-2024-7966: Out of bounds memory access in Skia CVE-2024-7967: Heap buffer overflow in Fonts CVE-2024-7968: Use...
OPENSUSE-SU-2024:0258-1 Security update for chromium
This update for chromium fixes the following issues: - Chromium 128.0.6613.84 boo1229591 CVE-2024-7964: Use after free in Passwords CVE-2024-7965: Inappropriate implementation in V8 CVE-2024-7966: Out of bounds memory access in Skia CVE-2024-7967: Heap buffer overflow in Fonts CVE-2024-7968: Use...
Chromium: CVE-2024-8033 Inappropriate implementation in WebApp Installs
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
SUSE CVE-2024-8033
Inappropriate implementation in WebApp Installs in Google Chrome on Windows prior to 128.0.6613.84 allowed an attacker who convinced a user to install a malicious application to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2024-8033
Inappropriate implementation in WebApp Installs in Google Chrome on Windows prior to 128.0.6613.84 allowed an attacker who convinced a user to install a malicious application to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
DEBIAN-CVE-2024-8033
Inappropriate implementation in WebApp Installs in Google Chrome on Windows prior to 128.0.6613.84 allowed an attacker who convinced a user to install a malicious application to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2024-8033
Inappropriate implementation in WebApp Installs in Google Chrome on Windows prior to 128.0.6613.84 allowed an attacker who convinced a user to install a malicious application to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2024-8033
Inappropriate implementation in WebApp Installs in Google Chrome on Windows prior to 128.0.6613.84 allowed an attacker who convinced a user to install a malicious application to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...