PT-2024-22332 · Drawio +1 · Drawio +1

Name of the Vulnerable Software and Affected Versions: OpenOlat versions prior to 18.1.6 OpenOlat versions prior to 18.2.2 Description: OpenOlat is an open source web-based e-learning platform for teaching, learning, assessment and communication. By manually manipulating http requests when using...

UBUNTU-CVE-2022-39323

GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Time based attack using a SQL injection in api REST usertoken. This issue has been patched, please...

PT-2022-5003 · Mediawiki +1 · Mediawiki +1

Name of the Vulnerable Software and Affected Versions: MediaWiki versions prior to 1.35.5 MediaWiki versions 1.36.x prior to 1.36.3 MediaWiki versions 1.37.x prior to 1.37.1 Description: An issue was discovered in the REST API of MediaWiki, which publicly caches results from private wikis,...

PT-2017-10922

Name of the Vulnerable Software and Affected Versions Stop User Enumeration version 1.3.8 Description The issue allows user enumeration via the REST API. Recommendations For version 1.3.8, consider disabling the REST API until a patch is available to prevent user enumeration...