systems@work time@work SQL注入漏洞

systems@work time@work is a service automation and working hours management system of the Czech company systems@work. Version 7.0.5 of systems@work time@work has a SQL injection vulnerability. This vulnerability arises from the IDClient parameter, which is vulnerable to authenticated brute-force...

CVE-2024-45327

An improper authorization vulnerability CWE-285 in FortiSOAR version 7.4.0 through 7.4.3, 7.3.0 through 7.3.2, 7.2.0 through 7.2.2, 7.0.0 through 7.0.3 change password endpoint may allow an authenticated attacker to perform a brute force attack on users and administrators password via crafted HTT...