8 matches found
EUVD-2022-3782
Malicious code in bioql PyPI...
GHSA-FH55-VWJC-69C7 Unescaped control characters in Gitblit
Gitblit 1.9.2 allows privilege escalation via the Config User Service: a control character can be placed in a profile data field, such as an emailAddress%3Atext '[email protected]\n\trole = "admin"' value...
Unescaped control characters in Gitblit
Gitblit 1.9.2 allows privilege escalation via the Config User Service: a control character can be placed in a profile data field, such as an emailAddress%3Atext '[email protected]\n\trole = "admin"' value...
CVE-2022-31267
Gitblit 1.9.2 allows privilege escalation via the Config User Service: a control character can be placed in a profile data field, such as an emailAddress%3Atext '[email protected]\n\trole = "admin"' value...
CVE-2022-31267
Gitblit 1.9.2 allows privilege escalation via the Config User Service: a control character can be placed in a profile data field, such as an emailAddress%3Atext '[email protected]\n\trole = "admin"' value...
CVE-2022-31267
CVE-2022-31267 affects Gitblit 1.9.2. The issue is privilege escalation via the Config User Service: a control character (for example, in an emailAddress field with a newline/tab) can be interpreted to set role = "#admin". NVD cites CVSSv2/3.1 base scores of 7.5 (HIGH) and 9.8 (CRITICAL). Rationa...
CVE-2020-15046
The web interface on Supermicro X10DRH-iT motherboards with BIOS 2.0a and IPMI firmware 03.40 allows remote attackers to exploit a cgi/configuser.cgi CSRF issue to add new admin users. The fixed versions are BIOS 3.2 and firmware 03.88...
Bradabra 2.0.5 - includeincludes.php Remote File Inclusion
Bradabra 2.0.5 - includeincludes.php Remote File Inclusion ====================================================================== Bradabra == v2.0.5 Remote File Include Vulnerability ====================================================================== Downlaoad Script...