IBPhoenix ibWebAdmin 代码注入漏洞

IBPhoenix ibWebAdmin is a Firebird and InterBase database server web front end from IBPhoenix. A code injection vulnerability exists in IBPhoenix ibWebAdmin 1.0.2 and earlier versions, which stems from the parameter dbloginrole in the file /database.php that causes cross-site scripting...

Sensitive Data Exposure

Flask-AppBuilder is vulnerable to Sensitive Data Exposure. The vulnerability is due to insecure cache directives for the auth DB login form, which allows browsers to locally store sensitive data...

Mail.ru: mailer.i.bizml.ru viber service preprod information disclosure

DEBUG mode enabled on http://52.29.101.127:1060/ leading to DB login and passwd leaks...

Design/Logic Flaw

install/installNewDB.php in TestLink through 1.9.16 allows remote attackers to conduct injection attacks by leveraging control over DB LOGIN NAMES data during installation to provide a long, crafted value...

CVE-2018-7466

install/installNewDB.php in TestLink through 1.9.16 allows remote attackers to conduct injection attacks by leveraging control over DB LOGIN NAMES data during installation to provide a long, crafted value...

CVE-2018-7466

install/installNewDB.php in TestLink through 1.9.16 allows remote attackers to conduct injection attacks by leveraging control over DB LOGIN NAMES data during installation to provide a long, crafted value...