12 matches found
CVE-2022-44543
The femanager extension before 5.5.2, 6.x before 6.3.3, and 7.x before 7.0.1 for TYPO3 allows creation of frontend users in restricted groups if there is a usergroup field on the registration form. This occurs because the usergroup.inList protection mechanism is mishandled...
CVE-2023-2946
Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1...
PT-2023-5356 · Openemr · Openemr
Name of the Vulnerable Software and Affected Versions: OpenEMR versions prior to 7.0.1. Description: The issue is due to improper input validation in the OpenEMR software, which can be exploited by a remote attacker to impact the confidentiality and integrity of data. Recommendations: For versions...
OpenEMR Access Control Error Vulnerability
OpenEMR is an open source medical management system from the OpenEMR community. The system can be used for medical practice management, electronic medical records, prescription writing, and medical billing requests. An Access Control Error vulnerability exists in versions of OpenEMR prior to 7.0....
OpenEMR Cross-Site Scripting Vulnerability
OpenEMR is an open source medical management system from the OpenEMR community. The system can be used for medical practice management, electronic medical records, prescription writing and medical billing requests. A cross-site scripting vulnerability exists in versions of OpenEMR prior to 7.0.1...
CVE-2022-22680
Exposure of sensitive information to an unauthorized actor vulnerability in Web Server in Synology DiskStation Manager DSM before 7.0.1-42218-2 allows remote attackers to obtain sensitive information via unspecified vectors...
PT-2022-11936 · Synology · Synology Diskstation Manager
Name of the Vulnerable Software and Affected Versions: Synology DiskStation Manager DSM versions prior to 7.0.1-42218-2. Description: The issue is related to improper neutralization of special elements used in an SQL command, also known as SQL Injection, in the Security Management functionality...
PT-2022-15624 · Synology · Synology Diskstation Manager
Name of the Vulnerable Software and Affected Versions: Synology DiskStation Manager DSM versions prior to 7.0.1-42218-2. Description: The issue is related to an improper limitation of a pathname to a restricted directory, also known as 'Path Traversal'. This allows remote authenticated users to...
Hardcoded credentials
A use of hard-coded cryptographic key vulnerability in the SSLVPN of FortiOS before 7.0.1 may allow an attacker to retrieve the key by reverse engineering...
WordPress Quiz and Survey Master plugin Arbitrary File Upload Vulnerability
WordPress is a blogging platform developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress Quiz and Survey Master plugin is a plugin in WordPress. An arbitrary file upload vulnerability exis...
UBUNTU-CVE-2016-3714
The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, (7) WIN, and (8) PLT coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to execute arbitrary code via shell metacharacters in a crafted image, aka "ImageTragick."...
PHP Memory Misreference Vulnerability
PHP is a widely used general purpose scripting language. A memory misreference vulnerability exists in the function Collator::sortWithSortKeys in ext/intl/collator/collatorsort.c in version 7.x of PHP prior to 7.0.1, which can be exploited by a remote attacker to cause a denial of service...