PT-2023-4660 · Tp Link · Tp-Link Tapo C210

Name of the Vulnerable Software and Affected Versions: TP-Link Tapo C210 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Tapo C210 IP cameras. Although authentication is required to exploit th...

Atlassian Jira 7.13.0 < 7.13.6 Multiple Vulnerabilities

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is version 7.13.0 prior to 7.13.6 or 8.0.0 prior to 8.3.2. It is, therefore, affected by multiple vulnerabilities: - A issue which permits remote attackers to trigger garbage collection v...

CVE-2023-1257

An attacker with physical access to the affected Moxa UC Series devices can initiate a restart of the device and gain access to its BIOS. Command line options can then be altered, allowing the attacker to access the terminal. From the terminal, the attacker can modify the device’s authentication...

Moxa UC 安全漏洞

The MOXA UC Series is a series of computers from the Chinese company Moxa MOXA. The Moxa UC suffers from a security vulnerability that originates from the fact that an attacker with physical access can boot the device to reboot and gain access to its BIOS, which can then be used to change command...

jenkins-plugin/workflow-support: Stored XSS vulnerability in Pipeline: Supporting APIs Plugin

A Cross-site scripting XSS vulnerability was found in a Jenkins plugin. This issue may allow an authenticated remote attacker to create Pipelines...

PT-2023-15915 · Icplayer · Icplayer

Name of the Vulnerable Software and Affected Versions: icplayer versions up to 0.819 Description: A vulnerability was found in icplayer, affecting the function AddonText Selection create of the file addons/Text Selection/src/presenter.js. This issue leads to cross-site scripting and can be launch...

CVE-2022-20551

In createTrack of AudioFlinger.cpp, there is a possible way to record audio without a privacy indicator due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2023-24652

Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the Description parameter under the Create ticket function...

CVE-2023-24652

Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the Description parameter under the Create ticket function...

CVE-2023-24656

Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the subject parameter under the Create Ticket function...

CVE-2023-24656

Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the subject parameter under the Create Ticket function...

Sql injection

Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the Description parameter under the Create ticket function...

Sql injection

Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the subject parameter under the Create Ticket function...

CVE-2023-1058

A vulnerability classified as critical has been found in SourceCodester Doctors Appointment System 1.0. This affects an unknown part of the file create-account.php. The manipulation of the argument newemail leads to sql injection. It is possible to initiate the attack remotely. The exploit has be...

CVE-2023-1058

A vulnerability classified as critical has been found in SourceCodester Doctors Appointment System 1.0. This affects an unknown part of the file create-account.php. The manipulation of the argument newemail leads to sql injection. It is possible to initiate the attack remotely. The exploit has be...

Sql injection

A vulnerability classified as critical has been found in SourceCodester Doctors Appointment System 1.0. This affects an unknown part of the file create-account.php. The manipulation of the argument newemail leads to sql injection. It is possible to initiate the attack remotely. The exploit has be...

CVE-2023-1058 SourceCodester Doctors Appointment System create-account.php sql injection

A vulnerability classified as critical has been found in SourceCodester Doctors Appointment System 1.0. This affects an unknown part of the file create-account.php. The manipulation of the argument newemail leads to sql injection. It is possible to initiate the attack remotely. The exploit has be...

CVE-2023-24652

Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the Description parameter under the Create ticket function...

PT-2023-19725 · Unknown · Simple Customer Relationship Management System

Name of the Vulnerable Software and Affected Versions: Simple Customer Relationship Management System version 1.0 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the Description parameter under the Create ticket function. Recommendations...

CVE-2023-24656

Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the subject parameter under the Create Ticket function...