7 matches found

Snyk
added last week, 5 views

Incorrect Authorization

Overview: froxlor/froxlor is a server administration software. Affected versions of this package are vulnerable to Incorrect Authorization via the Ftps::add and Ftps::update functions. An attacker can gain unauthorized shell access and escalate privileges by submitting an arbitrary shell value...

CVSS 9.4, AI score 5.9
Exploits: 0, References: 2
AstraLinux
added 2026/05/03 11:59 p.m., 3 views

Astra Linux - vulnerability in linux-6.1

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

AI score 6, EPSS 0.00018
Exploits: 0, References: 1
CVE
added 2026/04/27 5:0 p.m., 3 views

CVE-2026-7142

CVE-2026-7142 affects Wooey up to 0.13.2, specifically the function add_or_update_script in wooey/api/scripts.py within the API Endpoint. The issue enables improper authorization via manipulation of the script endpoint, with remote execution possible. Public exploitation has been disclosed. Mitig...

CVSS 6.5, AI score 6.2, EPSS 0.00054
Exploits: 0, References: 8
RedhatCVE
added 2026/01/09 9:26 a.m., 3 views

CVE-2023-4712

A vulnerability, which was classified as critical, was found in Xintian Smart Table Integrated Management System 5.6.9. This affects an unknown part of the file /SysManage/AddUpdateRole.aspx. The manipulation of the argument txtRoleName leads to sql injection. The exploit has been disclosed to th...

CVSS 9.8, AI score 7.4, EPSS 0.00065
Exploits: 1, References: 1
Cvelist
added 2024/11/07 1:21 p.m., 27 views

CVE-2024-43425 Moodle: remote code execution via calculated question types

A flaw was found in Moodle. Additional restrictions are required to avoid a remote code execution risk in calculated question types. Note: This requires the capability to add/update questions...

CVSS 8.1, EPSS 0.88917
Exploits: 8, References: 2
OSV
added 2023/09/01 8:15 p.m., 0 views

CVE-2023-4712

A vulnerability, which was classified as critical, was found in Xintian Smart Table Integrated Management System 5.6.9. This affects an unknown part of the file /SysManage/AddUpdateRole.aspx. The manipulation of the argument txtRoleName leads to sql injection. The exploit has been disclosed to th...

CVSS 9.8, AI score 6.1
Exploits: 0, References: 3
OSV
added 2018/12/23 2:29 a.m., 2 views

CVE-2018-20369

Barracuda Message Archiver 2018 has XSS in the errormsg exception-handling value for the ldapuser parameter to the cgi-mod/ldaploadentry.cgi module. The injection point of the issue is the AddUpdate module...

CVSS 6.1, AI score 5.8
Exploits: 0, References: 1