4 matches found
CVE-2022-23475
daloRADIUS is an open source RADIUS web management application. daloRADIUS 1.3 and prior are vulnerable to a combination of cross-site scripting (XSS) and cross-site request forgery (CSRF) which leads to account takeover in the mng-del.php file because of an unescaped variable reflected in...
EUVD-2022-28537
Malicious code in bioql PyPI...
PT-2022-27800 · Unknown · Daloradius
Name of the Vulnerable Software and Affected Versions: daloradius versions prior to master
Description: The issue concerns a sensitive cookie without the 'HttpOnly' flag in the GitHub repository lirantal/daloradius. This could potentially allow unauthorized access to sensitive information...
CVE-2022-23475 daloRADIUS full account takeover
daloRADIUS is an open source RADIUS web management application. daloRADIUS 1.3 and prior are vulnerable to a combination of cross-site scripting (XSS) and cross-site request forgery (CSRF) which leads to account takeover in the mng-del.php file because of an unescaped variable reflected in...