15492 matches found
ESKOM Computer e-municipality module security vulnerability
ESKOM Computer e-municipality module is an application from ESKOM Inc. A security vulnerability exists in versions prior to ESKOM Computer e-municipality module v.105 that stems from improper privilege management and allows collection of user-supplied data...
computer-associes.com Improper Access Control vulnerability OBB-3796148
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
MAL-2023-8619 Malicious code in oddsfire-components (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d6560345fe7b94e452865d383a96b49b27e71c7113505ddfd5306218da9648d9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-8610 Malicious code in docusaurus-plugin-matamoh (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2587fce317c90b4371750f6dc2bd4c7d9ea86770d868b63eabf68afc96029c02 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-8615 Malicious code in wehackrepos (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3c49ad5602ec9e0e00a9541dfd9e6fb3a7a4ae437f82ee23bd59a91ea4ec9e32 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in grunt-ac-toolkit (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3ee5b34eed1211ec1daf03801aa41a40775a16812380c42cd332d788e4a55d4c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-8601 Malicious code in purchase (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 818b7cf6f19f5659849b9ba6ea11d5b53b47330d31838d371590e07f9107bfe3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-8597 Malicious code in immutable-seaport (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5d0c3932175941cfb3e5c2e6d1807cec6b147c92543a4a46e15833d6fe6837bf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in todo-backend (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4dc3036374d0687be9d2c3ce1a73b73181d87ad3e1a67d8368bb460150148c5e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-8596 Malicious code in eslint-plugin-discord (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c4707252020cd550543cb451c800321561d678699d3436d86de8dacbb22c6c32 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-8598 Malicious code in mpesa_listener (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9e199077f87759b128b0a7c55634d5244e7a755733448a075a8de1d9307e284d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2023-28813
An attacker could exploit a vulnerability by sending crafted messages to computers installed with this plug-in to modify plug-in parameters, which could cause affected computers to download malicious files...
Sql injection
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Veribilim Software Computer Veribase allows SQL Injection.This issue affects Veribase: through 20231123. NOTE: The vendor was contacted early about this disclosure but did not respond in any way...
CVE-2023-3377
Veribase (Veribilim Software) is affected by CVE-2023-3377 due to improper neutralization of special elements in SQL commands, enabling SQL Injection. Affected versions: through 20231123. Impact is described as high/critical (CONF, INTEG, AVAIL all high) with network-wide, no-auth, no-user intera...
CVE-2023-3377 SQLi in Veribilim's Veribase
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Veribilim Software Computer Veribase allows SQL Injection. This issue affects Veribase: through 20231123. NOTE: The vendor was contacted early about this disclosure but did not respond in any way...
CVE-2023-2889
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Veon Computer Service Tracking Software allows SQL Injection. This issue affects Service Tracking Software: before crm 2.0...
CVE-2023-2889
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Veon Computer Service Tracking Software allows SQL Injection. This issue affects Service Tracking Software: before crm 2.0...
CVE-2023-2889 SQLi in Veon Computer's Service Tracking Software
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Veon Computer Service Tracking Software allows SQL Injection. This issue affects Service Tracking Software: before crm 2.0...
CVE-2023-2889
The CVE-2023-2889 entry concerns Veon Computer Service Tracking Software with an SQL Injection due to improper neutralization of input. Affected: Veon Service Tracking Software prior to version 2.0 (and versions up to 20231122). Root cause: improper neutralization of special elements in SQL comma...
MAL-2023-8554 Malicious code in ory-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 10ee2bc9e167728f46f301228a2569bcd7eda2f19c27f24784dd4497cf1af3be Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...