67 matches found
CVE-2023-24836
SUNNET CTMS has vulnerability of path traversal within its file uploading function. An authenticated remote attacker with general user privilege can exploit this vulnerability to upload and execute scripts onto arbitrary directories to perform arbitrary system operation or disrupt service...
CVE-2023-24836 SUNNET CTMS - Path Traversal
SUNNET CTMS has vulnerability of path traversal within its file uploading function. An authenticated remote attacker with general user privilege can exploit this vulnerability to upload and execute scripts onto arbitrary directories to perform arbitrary system operation or disrupt service...
CVE-2023-24836
CVE-2023-24836 affects SUNNET CTMS. The vulnerability is a path traversal flaw in the file-uploading function that an authenticated remote attacker with general user privileges can exploit to upload and execute scripts in arbitrary directories, enabling arbitrary system operations or service disr...
PT-2023-19816 · Unknown · Sunnet Ctms
Name of the Vulnerable Software and Affected Versions: SUNNET CTMS affected versions not specified Description: The issue is related to a path traversal vulnerability within the file uploading function of SUNNET CTMS. This allows an authenticated remote attacker with general user privileges to...
SUNNET CTMS 路径遍历漏洞
SUNNET SUNNET CTMS is a learning platform from Taiwan-based SUNNET Technology Corporation. SUNNET CTMS suffers from a path traversal vulnerability, which originates from the presence of a path traversal vulnerability that can be exploited by an authenticated, remote attacker with general user...
CVE-2023-24836 SUNNET CTMS - Path Traversal
SUNNET CTMS has vulnerability of path traversal within its file uploading function. An authenticated remote attacker with general user privilege can exploit this vulnerability to upload and execute scripts onto arbitrary directories to perform arbitrary system operation or disrupt service...
ctms.engin.umich.edu Cross Site Scripting vulnerability OBB-3149043
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2021-44245
An SQL Injection vulnerability exists in Courcecodester COVID 19 Testing Management System CTMS 1.0 via the 1 username and 2 contactno parameters...
Sql injection
An SQL Injection vulnerability exists in Courcecodester COVID 19 Testing Management System CTMS 1.0 via the 1 username and 2 contactno parameters...
CVE-2021-44245
An SQL Injection vulnerability exists in Courcecodester COVID 19 Testing Management System CTMS 1.0 via the 1 username and 2 contactno parameters...
CVE-2021-44245
CVE-2021-44245 affects Courcecodester COVID 19 Testing Management System (CTMS) 1.0. A SQL injection flaw exists in the username and contactno parameters, arising from inadequate input filtering. Exploitation could lead to arbitrary SQL execution, with high/severe impact (per CVSS metrics: HIGH/C...
CVE-2013-5762
Unspecified vulnerability in the Oracle Siebel CTMS component in Oracle Industry Applications 8.1.1.x allows local users to affect confidentiality and availability via unknown vectors related to SC-OC Integration...
Design/Logic Flaw
Unspecified vulnerability in the Oracle Siebel CTMS component in Oracle Industry Applications 8.1.1.x allows local users to affect confidentiality and availability via unknown vectors related to SC-OC Integration...
CVE-2013-5762
Technical details for CVE-2013-5762 are not publicly available in the provided documents. Monitor for updates; no vulnerability specifics (product, version, impact, or fix) are disclosed here.
CVE-2013-5762
Unspecified vulnerability in the Oracle Siebel CTMS component in Oracle Industry Applications 8.1.1.x allows local users to affect confidentiality and availability via unknown vectors related to SC-OC Integration...
Design/Logic Flaw
The Media Snapshot implementation on Cisco TelePresence Multipoint Switch CTMS devices allows remote authenticated users to cause a denial of service device reload by sending many Media Snapshot requests at the time of a meeting termination, aka Bug ID CSCuh44796...
CVE-2013-5516
The Media Snapshot implementation on Cisco TelePresence Multipoint Switch CTMS devices allows remote authenticated users to cause a denial of service device reload by sending many Media Snapshot requests at the time of a meeting termination, aka Bug ID CSCuh44796...
CVE-2013-5516
The CVE-2013-5516 issue affects Cisco TelePresence Multipoint Switch (CTMS) Media Snapshot handling. A remote, authenticated attacker can cause a DoS (device reload) by sending continuous Media Snapshot requests during meeting termination. Affected component: Media Snapshot code; root cause: impr...
Cisco TelePresence Multipoint Switch XML-RPC DoS (cisco-sa-20110223-telepresence-ctms)
According to its self-reported version number, the version of Cisco TelePresence Multipoint Switch running on the remote host has a denial of service vulnerability. Sending a malicious XML-RPC request to TCP port 9000 could crash the call geometry process. A remote, unauthenticated attacker could...
Design/Logic Flaw
The Java Servlet framework on Cisco TelePresence Multipoint Switch CTMS devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x does not require administrative authentication for unspecified actions, which allows remote attackers to execute arbitrary code via a crafted request, aka Bug ID CSCtf01253...