CVE-2024-7225

A vulnerability was found in SourceCodester Insurance Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /Script/admin/core/updatepolicy of the component Edit Insurance Policy Page. The manipulation of the argument pname leads to cross site...

Phabricator: Edit Policy restriction does not prevent comments.

Change the edit policy of a Maniphest Task - Attempt to comment on the the task with a user who doesn't have access Impact Given a few users I spoke to believe restricting the edit policy blocks comments, This allows an underpriveleged user to gain access to carry out a restrcited action. Mongoos...

CVE-2018-6229

A SQL injection vulnerability in an Trend Micro Email Encryption Gateway 5.5 edit policy script could allow an attacker to execute SQL commands to upload and execute arbitrary code that may harm the target system...

CVE-2018-6229

A SQL injection vulnerability in an Trend Micro Email Encryption Gateway 5.5 edit policy script could allow an attacker to execute SQL commands to upload and execute arbitrary code that may harm the target system...

Sql injection

A SQL injection vulnerability in an Trend Micro Email Encryption Gateway 5.5 edit policy script could allow an attacker to execute SQL commands to upload and execute arbitrary code that may harm the target system...

Trend Micro Email Encryption Gateway SQL Injection Vulnerability (CNVD-2018-04493)

Trend Micro Email Encryption is a suite of identity-based email encryption solutions from Trend Micro, Inc. The Trend Micro Email Encryption Gateway TMEEG is one of the gateway products that provides data protection. An SQL injection vulnerability exists in the edit policy script in Trend Micro...