231 matches found
PT-2021-30996
Name of the Vulnerable Software and Affected Versions Google Chrome affected versions not specified Description A flaw exists in the Blink browser module’s rendering engine due to errors in the implementation of security checks for standard elements. Successful exploitation could allow a remote...
The vulnerability of the Icinga system for monitoring network resources’ accessibility lies in its lack of sufficient validation of input data. This allows attackers to add, modify, or delete information within the system.
The vulnerability of Icinga’s system for monitoring network resources exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to add, modify, or delete information remotely...
CVE-2021-33704
The Service Layer of SAP Business One, version - 10.0, allows an authenticated attacker to invoke certain functions that would otherwise be restricted to specific users. For an attacker to discover the vulnerable function, no in-depth system knowledge is required. Once exploited via Network stack...
CVE-2021-20768
Operational restrictions bypass vulnerability in Scheduler and MultiReport of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to delete the data of Scheduler and MultiReport without the appropriate privilege...
Minecraft 路径遍历漏洞
Minecraft My World is a Swedish sandbox game by Mojang. Minecraft had a path traversal vulnerability prior to 1.17.1 that originated when online-mode=false was configured to allow path traversal to delete arbitrary JSON files...
CVE-2021-27828
SQL injection in In4Suite ERP 3.2.74.1370 allows attackers to modify or delete data, causing persistent changes to the application's content or behavior by using malicious SQL queries...
CVE-2021-27828
SQL injection in In4Suite ERP 3.2.74.1370 allows attackers to modify or delete data, causing persistent changes to the application's content or behavior by using malicious SQL queries...
In4Suit ERP 3.2.74.1370 SQL Injection
Exploit Title: In4Suit ERP 3.2.74.1370 - 'txtLoginId' SQL injection Date: 18/05/2021 Exploit Author: Gulab Mondal Vendor Homepage: https://www.in4velocity.com/in4suite-erp.html Version: In4Suite ERP 3.2.74.1370 Tested on: Windows ----------------------------------------- SQL injection in In4Suite...
In4Suit ERP 3.2.74.1370 - (txtLoginId) SQL injection Vulnerability
Exploit Title: In4Suit ERP 3.2.74.1370 - 'txtLoginId' SQL injection Exploit Author: Gulab Mondal Vendor Homepage: https://www.in4velocity.com/in4suite-erp.html Version: In4Suite ERP 3.2.74.1370 Tested on: Windows ----------------------------------------- SQL injection in In4Suite ERP 3.2.74.1370...
In4Suit ERP 3.2.74.1370 - 'txtLoginId' SQL injection
Exploit Title: In4Suit ERP 3.2.74.1370 - 'txtLoginId' SQL injection Date: 18/05/2021 Exploit Author: Gulab Mondal Vendor Homepage: https://www.in4velocity.com/in4suite-erp.html Version: In4Suite ERP 3.2.74.1370 Tested on: Windows CVE: CVE-2021-27828 ----------------------------------------- SQL...
CVE-2021-2267
Vulnerability in the Oracle Labor Distribution product of Oracle E-Business Suite component: User Interface. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Labor Distribution...
The vulnerability of the TCP/IP protocol implementation in the Stack Trace stack allows a perpetrator to gain access to modify, add, or delete data.
The vulnerability of the TCP/IP protocol implementation in the Trace stack is related to integer overflows. Exploiting this vulnerability allows a remote attacker to gain access to modify, add, or delete data...
The vulnerability of the Print Server component of the Oracle One-to-One Fulfillment application allows a perpetrator to gain unauthorized access to protected information or to have read, add, or delete privileges over that information.
The vulnerability of the Print Server component of the Oracle One-to-One Fulfillment application is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information or to have read, add, or...
The vulnerability of the Message Display component of the Oracle Email Center software allows a perpetrator to gain unauthorized access to protected information or to have read, add, or delete privileges over that data.
The vulnerability of the Message Display component of the Oracle Email Center messaging software is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information or to have read, add, or...
The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK allows a malicious actor to gain read, modify, add, or delete access to data, or to cause a service failure.
The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain read, modify, add, or delete access to data, or cause a service failure using the HTTP...
The vulnerability of the Worklist component of the Oracle Workflow system allows a perpetrator to gain unauthorized access to protected information or to modify, add, or delete data.
The vulnerability of the Worklist component of the Oracle Workflow system is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected information, or to modify, add, or delete data using the HTTP...
The vulnerability of the Miscellaneous component of the Oracle Scripting environment for creating and processing scripts allows a malicious individual to gain unauthorized access to protected information or to read, add, or delete data.
The vulnerability of the Miscellaneous component of the Oracle Scripting environment for creating and processing scripts is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information or...
The vulnerability of the Runtime Catalog component of the Oracle iStore system, a system for creating, managing, and personalizing online stores, allows a perpetrator to gain unauthorized access to protected information or to read, add, or delete data.
The vulnerability of the Runtime Catalog component of the Oracle iStore system, which is used for creating, managing, and personalizing online stores, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized acce...
The vulnerability of the UI Servlet component of the Oracle Configurator allows a perpetrator to gain unauthorized access to protected information or to read, modify, add, or delete data.
The vulnerability of the UI Servlet component of the Oracle Configurator is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information or to read, modify, add, or delete data using the...
The vulnerability of the Outcome-Result component of the Oracle Customer Interaction History software allows a perpetrator to gain unauthorized access to protected information or to have read, add, or delete privileges over the data.
The vulnerability of the Outcome-Result component of the Oracle Customer Interaction History software is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information or to have read, add,...