10 matches found
Exploit for CVE-2026-25746
CVE-2026-25746 - SQL Injection Vulnerability in OpenEMR Weak...
CVE-2025-28399
An issue in Erick xmall v.1.1 and before allows a remote attacker to escalate privileges via the updateAddress method of the Address Controller class...
CVE-2024-38828 CVE-2024-38828: DoS via Spring MVC controller method with byte[] parameter
Spring MVC controller methods with an @RequestBody byte method parameter are vulnerable to a DoS attack...
CVE-2024-38828 CVE-2024-38828: DoS via Spring MVC controller method with byte[] parameter
Spring MVC controller methods with an @RequestBody byte method parameter are vulnerable to a DoS attack...
VMware Spring Framework 安全漏洞
VMware Spring Framework is a set of open source Java, JavaEE application frameworks from VMware. The framework helps developers build high-quality applications. A security vulnerability exists in VMware Spring Framework that stems from the use of the RequestBody byte method parameter in the...
PT-2024-22413 · Scalapay · Scalapay
Name of the Vulnerable Software and Affected Versions: Scalapay versions 1.2.41 and earlier Description: The issue allows a remote attacker to escalate privileges via the ScalapayReturnModuleFrontController::postProcess method. This is a SQL injection vulnerability. Recommendations: For Scalapay...
CVE-2022-24712
CodeIgniter4 is the 4.x branch of CodeIgniter, a PHP full-stack web framework. A vulnerability in versions prior to 4.1.9 might allow remote attackers to bypass the CodeIgniter4 Cross-Site Request Forgery CSRF protection mechanism. Users should upgrade to version 4.1.9. There are workarounds for...
Cross site request forgery (csrf)
CodeIgniter4 is the 4.x branch of CodeIgniter, a PHP full-stack web framework. A vulnerability in versions prior to 4.1.9 might allow remote attackers to bypass the CodeIgniter4 Cross-Site Request Forgery CSRF protection mechanism. Users should upgrade to version 4.1.9. There are workarounds for...
CVE-2022-24712 Cross-Site Request Forgery (CSRF) Protection Bypass Vulnerability in CodeIgniter4
CodeIgniter4 is the 4.x branch of CodeIgniter, a PHP full-stack web framework. A vulnerability in versions prior to 4.1.9 might allow remote attackers to bypass the CodeIgniter4 Cross-Site Request Forgery CSRF protection mechanism. Users should upgrade to version 4.1.9. There are workarounds for...
CVE-2022-24712 Cross-Site Request Forgery (CSRF) Protection Bypass Vulnerability in CodeIgniter4
CodeIgniter4 is the 4.x branch of CodeIgniter, a PHP full-stack web framework. A vulnerability in versions prior to 4.1.9 might allow remote attackers to bypass the CodeIgniter4 Cross-Site Request Forgery CSRF protection mechanism. Users should upgrade to version 4.1.9. There are workarounds for...