Lucene search
+L

110 matches found

CVE
CVE
added 2024/01/26 12:0 a.m.45 views

CVE-2023-48131

CHIGASAKI BAKERY mini-app on Line v13.6.1 has a vulnerability where leakage of the channel access token enables attackers to send crafted malicious notifications. Documents consistently describe the issue as an access-token leakage affecting the Line integration’s CHIGASAKI BAKERY component, allo...

5.4CVSS5.5AI score0.00359EPSS
Exploits1References1Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/01/06 11:32 p.m.3 views

Malicious code in bakery-dashboard (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2a8e5bc15b6be0a7b0cb44ca4ad86f63a0b563af9160ffe245052f833f3e02ca Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.8AI score
Exploits0References1
OSV
OSV
added 2024/01/06 11:32 p.m.8 views

MAL-2024-40 Malicious code in bakery-dashboard (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2a8e5bc15b6be0a7b0cb44ca4ad86f63a0b563af9160ffe245052f833f3e02ca Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2023/10/25 6:17 p.m.2 views

CVE-2023-39739

The leakage of the client secret in REGINA SWEETS&BAKERY Line 13.6.1 allows attackers to obtain the channel access token and send crafted broadcast messages...

8.2CVSS5.8AI score0.00585EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2023/10/25 6:17 p.m.3 views

CVE-2023-39739

The leakage of the client secret in REGINA SWEETS&BAKERY Line 13.6.1 allows attackers to obtain the channel access token and send crafted broadcast messages...

8.2CVSS7.3AI score0.00585EPSS
Exploits1References3
NVD
NVD
added 2023/10/25 6:17 p.m.12 views

CVE-2023-39739

The leakage of the client secret in REGINA SWEETS&BAKERY Line 13.6.1 allows attackers to obtain the channel access token and send crafted broadcast messages...

8.2CVSS8.1AI score0.00585EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/10/24 12:0 a.m.4 views

PT-2023-27095 · Unknown · Regina Sweets&Bakery Line

Name of the Vulnerable Software and Affected Versions: REGINA SWEETS&BAKERY Line version 13.6.1 Description: The issue allows attackers to obtain the channel access token and send crafted broadcast messages due to the leakage of the client secret. Recommendations: For REGINA SWEETS&BAKERY Line...

8.2CVSS6.8AI score0.00585EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2023/10/24 12:0 a.m.11 views

CVE-2023-39739

The leakage of the client secret in REGINA SWEETS&BAKERY Line 13.6.1 allows attackers to obtain the channel access token and send crafted broadcast messages...

6.8AI score0.00585EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/10/24 12:0 a.m.18 views

CVE-2023-39739

The leakage of the client secret in REGINA SWEETS&BAKERY Line 13.6.1 allows attackers to obtain the channel access token and send crafted broadcast messages...

8.3AI score0.00585EPSS
Exploits1References2
CVE
CVE
added 2023/10/24 12:0 a.m.37 views

CVE-2023-39739

CVE-2023-39739 affects REGINA SWEETS&BAKERY Line, version 13.6.1. The root cause described across connected sources is leakage of the client secret, which allows an attacker to obtain the channel access token and send crafted broadcast messages. Documents do not specify a vendor patch or remediat...

8.2CVSS8AI score0.00585EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2023/03/12 8:15 a.m.7 views

CVE-2023-1357

A vulnerability, which was classified as critical, has been found in SourceCodester Simple Bakery Shop Management System 1.0. Affected by this issue is some unknown functionality of the component Admin Login. The manipulation of the argument username/password with the input admin' or 1=1 -- leads...

9.8CVSS6.8AI score0.00554EPSS
Exploits0References2
NVD
NVD
added 2023/03/12 8:15 a.m.22 views

CVE-2023-1357

A vulnerability, which was classified as critical, has been found in SourceCodester Simple Bakery Shop Management System 1.0. Affected by this issue is some unknown functionality of the component Admin Login. The manipulation of the argument username/password with the input admin' or 1=1 -- leads...

9.8CVSS8.1AI score0.00554EPSS
Exploits0References2
Prion
Prion
added 2023/03/12 8:15 a.m.24 views

Sql injection

A vulnerability, which was classified as critical, has been found in SourceCodester Simple Bakery Shop Management System 1.0. Affected by this issue is some unknown functionality of the component Admin Login. The manipulation of the argument username/password with the input admin' or 1=1 -- leads...

7.5CVSS9.6AI score0.00554EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/03/12 7:31 a.m.31 views

CVE-2023-1357 SourceCodester Simple Bakery Shop Management System Admin Login sql injection

A vulnerability, which was classified as critical, has been found in SourceCodester Simple Bakery Shop Management System 1.0. Affected by this issue is some unknown functionality of the component Admin Login. The manipulation of the argument username/password with the input admin' or 1=1 -- leads...

7.5CVSS9.9AI score0.00554EPSS
Exploits0References2
CVE
CVE
added 2023/03/12 7:31 a.m.65 views

CVE-2023-1357

The CVE refers to a critical SQL injection in SourceCodester Simple Bakery Shop Management System 1.0, affecting the Admin Login functionality. The vulnerability arises from injecting into the username/password parameters using the payload admin' or 1=1 --, which can be exploited remotely. Multip...

9.8CVSS8.8AI score0.00554EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/03/12 12:0 a.m.7 views

PT-2023-16924 · Sourcecodester · Sourcecodester Simple Bakery Shop Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Bakery Shop Management System version 1.0 Description: A critical issue has been found in the Admin Login component, where the manipulation of the username/password argument with the input admin' or 1=1 -- leads to SQL...

9.8CVSS7.8AI score0.00554EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/03/12 12:0 a.m.5 views

Simple Bakery Shop Management SQL注入漏洞

Simple Bakery Shop Management is a bakery store management system. A SQL injection vulnerability exists in SourceCodester Simple Bakery Shop Management System version 1.0, which stems from a SQL injection vulnerability in the parameter sername/password...

9.8CVSS7.8AI score0.00554EPSS
Exploits0References4
Openbugbounty
Openbugbounty
added 2022/07/18 8:15 a.m.10 views

livoniabakeryandcafe.com Cross Site Scripting vulnerability OBB-2792749

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
OSV
OSV
added 2022/06/23 7:15 p.m.2 views

CVE-2022-32987

Multiple cross-site scripting XSS vulnerabilities in /bsms/?page=manageaccount of Simple Bakery Shop Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Username or Full Name fields...

4.8CVSS6AI score0.00517EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/06/23 6:38 p.m.21 views

CVE-2022-32987

Multiple cross-site scripting XSS vulnerabilities in /bsms/?page=manageaccount of Simple Bakery Shop Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Username or Full Name fields...

5.4AI score0.00517EPSS
Exploits1References2
Rows per page
Query Builder