13 matches found
EUVD-2021-24184
Malware in sbrugna...
EUVD-2021-24185
Malware in sbrugna...
EUVD-2021-28295
Malicious code in bioql PyPI...
EUVD-2021-28289
Malicious code in bioql PyPI...
CVE-2021-32766
Nextcloud Text is an open source plaintext editing application which ships with the nextcloud server. In affected versions the Nextcloud Text application returned different error messages depending on whether a folder existed in a public link share. This is problematic in case the public link sha...
CVE-2024-6427
MESbook is affected by CVE-2024-6427 via the message parameter in version 20221021.03, allowing an unauthenticated remote attacker to inject JavaScript payloads that cause the application to loop requests, leading to resource consumption and potential service disruption. Multiple connected source...
PT-2023-2925
Name of the Vulnerable Software and Affected Versions Weaver e-cology versions up to 9.0 Description A problematic vulnerability was found in the RequestInfoByXml function of the API component, leading to xml external entity reference. This issue is related to incorrect restriction of XML links t...
SUSE CVE-2021-32734
Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.011, and 21.0.3, the Nextcloud Text application shipped with Nextcloud Server returned verbatim exception messages to the user. This could result in a full path disclosure on shared files. The issu...
SUSE CVE-2021-41233
Nextcloud text is a collaborative document editing using Markdown built for the nextcloud server. Due to an issue with the Nextcloud Text application, which is by default shipped with Nextcloud Server, an attacker is able to access the folder names of "File Drop". For successful exploitation an...
CVE-2021-41233 Missing authorization in Nextcloud text
Nextcloud text is a collaborative document editing using Markdown built for the nextcloud server. Due to an issue with the Nextcloud Text application, which is by default shipped with Nextcloud Server, an attacker is able to access the folder names of "File Drop". For successful exploitation an...
Design/Logic Flaw
Nextcloud Text is an open source plaintext editing application which ships with the nextcloud server. In affected versions the Nextcloud Text application returned different error messages depending on whether a folder existed in a public link share. This is problematic in case the public link sha...
CVE-2006-6422
Agileco AgileBill 1.4.x and AgileVoice 1.4.x do not properly handle certain proxy requests, which allows remote attackers to disable the application by entering invalid license data on a form, possibly involving modules/core/license.inc.php. NOTE: The provenance of this information is unknown; th...
Matt Kruse calendar_admin.pl Shell Metacharacter Arbitrary Command Execution
The 'calendaradmin.pl' CGI is installed. This CGI has a well known security flaw that allows a remote attacker to execute commands with the privileges of the web server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription...