22 matches found
EUVD-2023-57930
Malicious code in bioql PyPI...
EUVD-2023-57929
Malicious code in bioql PyPI...
CVE-2023-5637
Unrestricted Upload of File with Dangerous Type vulnerability in ArslanSoft Education Portal allows Read Sensitive Strings Within an Executable. This issue affects Education Portal: before v1.1...
CVE-2023-5637
Unrestricted Upload of File with Dangerous Type vulnerability in ArslanSoft Education Portal allows Read Sensitive Strings Within an Executable.This issue affects Education Portal: before v1.1...
CVE-2023-5635
Improper Protection for Outbound Error Messages and Alert Signals vulnerability in ArslanSoft Education Portal allows Account Footprinting. This issue affects Education Portal: before v1.1...
CVE-2023-5636
Unrestricted Upload of File with Dangerous Type vulnerability in ArslanSoft Education Portal allows Command Injection.This issue affects Education Portal: before v1.1...
CVE-2023-5634
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ArslanSoft Education Portal allows SQL Injection.This issue affects Education Portal: before v1.1...
CVE-2023-5634
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ArslanSoft Education Portal allows SQL Injection. This issue affects Education Portal: before v1.1...
CVE-2023-5634
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ArslanSoft Education Portal allows SQL Injection. This issue affects Education Portal: before v1.1...
Unrestricted file upload
Unrestricted Upload of File with Dangerous Type vulnerability in ArslanSoft Education Portal allows Read Sensitive Strings Within an Executable.This issue affects Education Portal: before v1.1...
Sql injection
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ArslanSoft Education Portal allows SQL Injection.This issue affects Education Portal: before v1.1...
Input validation
Improper Protection for Outbound Error Messages and Alert Signals vulnerability in ArslanSoft Education Portal allows Account Footprinting.This issue affects Education Portal: before v1.1...
Design/Logic Flaw
Unrestricted Upload of File with Dangerous Type vulnerability in ArslanSoft Education Portal allows Command Injection.This issue affects Education Portal: before v1.1...
CVE-2023-5636
Affected software: ArslanSoft Education Portal (before v1.1). Vulnerability type: Unrestricted Upload of File with Dangerous Type leading to Command Injection via file upload. Root cause / impact: Unrestricted file upload allows attacker to place and execute a dangerous file, enabling command exe...
CVE-2023-5635 User Enumeration in ArslanSoft's Education Portal
Improper Protection for Outbound Error Messages and Alert Signals vulnerability in ArslanSoft Education Portal allows Account Footprinting. This issue affects Education Portal: before v1.1...
CVE-2023-5635
The CVE-2023-5635 entry affects ArslanSoft Education Portal versions prior to 1.1, where improper protection of outbound error messages and alert signals enables account footprinting. This is documented across multiple sources, including NVD and related advisories, which indicate the vulnerabilit...
CVE-2023-5634
The CVE-2023-5634 entry applies to ArslanSoft Education Portal. Affects Education Portal components handling SQL queries prior to version 1.1. Root cause is improper neutralization of special elements in SQL commands (SQL Injection). Reported impact includes high confidentiality, integrity, and a...
PT-2023-32228
Name of the Vulnerable Software and Affected Versions ArslanSoft Education Portal versions prior to 1.1 Description The issue allows for the unrestricted upload of files with dangerous types, enabling the reading of sensitive strings within an executable. Recommendations For versions prior to 1.1...
PT-2023-32227
Name of the Vulnerable Software and Affected Versions ArslanSoft Education Portal versions prior to v1.1 Description The issue allows Command Injection due to an Unrestricted Upload of File with Dangerous Type vulnerability. Recommendations For versions prior to v1.1, update to version v1.1 or...
ArslanSoft Education Portal SQL Injection Vulnerability
ArslanSoft Education Portal is an education portal from ArslanSoft, Inc. A SQL injection vulnerability exists in versions prior to ArslanSoft Education Portal v1.1, which stems from the presence of a SQL injection vulnerability...