28 matches found
EUVD-2022-6550
Malicious code in bioql PyPI...
CVE-2020-14320
In Moodle before 3.9.1, 3.8.4 and 3.7.7, the filter in the admin task log required extra sanitizing to prevent a reflected XSS risk...
PT-2024-22648 · Dell · Dell Scg
Name of the Vulnerable Software and Affected Versions: Dell SCG versions prior to 5.24.00.00 Description: The issue is related to an Improper Access Control vulnerability in the SCG exposed for an internal enable REST API. This could allow a remote low privileged attacker to execute certain...
BIT-MOODLE-2020-14320
In Moodle before 3.9.1, 3.8.4 and 3.7.7, the filter in the admin task log required extra sanitizing to prevent a reflected XSS risk...
CVE-2023-48021
Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/task/update...
CVE-2023-48021
Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/task/update...
Dreamer CMS Security Vulnerability
Dreamer CMS is a dreamer content management system by Junnan Wang, an individual developer in China. A security vulnerability exists in Dreamer CMS version v4.1.3, which stems from a cross-site request forgery CSRF vulnerability via /admin/task/changeStatus...
CVE-2023-48021
Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/task/update...
CVE-2023-48060
Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/task/add...
CVE-2023-48058
Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/task/run...
CVE-2023-48058
Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/task/run...
CVE-2023-48058
Dreamer CMS and related records: CVE-2023-48058 is a CSRF affecting Dreamer CMS v4.1.3, involving the /admin/task/run component. The vulnerability allows unauthorized actions to be performed by an authenticated user (high impact: confidentiality, integrity, and availability all rated High). Publi...
PT-2023-30688 · Unknown · Dreamer Cms
Name of the Vulnerable Software and Affected Versions: Dreamer CMS version 4.1.3 Description: A Cross-Site Request Forgery CSRF issue was discovered in the component "/admin/task/add". This issue may allow unauthorized actions to be performed on behalf of a user. Recommendations: For Dreamer CMS...
Dreamer CMS Security Vulnerability
Dreamer CMS is a Dreamer Content Management System by Junnan Wang, an individual developer in China. A security vulnerability exists in Dreamer CMS version 4.1.3, which stems from a cross-site request forgery CSRF vulnerability in component /admin/task/run...
CVE-2023-48060
Dreamer CMS v4.1.3 contains a Cross-Site Request Forgery (CSRF) in the component "/admin/task/add". The root cause is a CSRF flaw that can enable unauthorized actions on behalf of a user; CVSSv3.1: 8.8 (HIGH) with network attack vector, low attack complexity, no privileges, user interaction requi...
Dreamer CMS Security Vulnerability
Dreamer CMS is a Dreamer Content Management System by Junnan Wang, an individual developer in China. A security vulnerability exists in Dreamer CMS version 4.1.3, which stems from a cross-site request forgery CSRF vulnerability in component /admin/task/add...
PT-2023-30687 · Unknown · Dreamer Cms
Name of the Vulnerable Software and Affected Versions: Dreamer CMS version 4.1.3 Description: The issue is related to a Cross-Site Request Forgery CSRF in the /admin/task/run component. This allows for unauthorized actions to be performed on behalf of an authenticated user. Recommendations: For...
Moodle reflected XSS Vulnerability
In Moodle before 3.9.1, 3.8.4 and 3.7.7, the filter in the admin task log required extra sanitizing to prevent a reflected XSS risk...
CVE-2020-14320
In Moodle before 3.9.1, 3.8.4 and 3.7.7, the filter in the admin task log required extra sanitizing to prevent a reflected XSS risk...
CVE-2020-14320
In Moodle before 3.9.1, 3.8.4 and 3.7.7, the filter in the admin task log required extra sanitizing to prevent a reflected XSS risk...