70 matches found
EUVD-2004-0937
Malware in sbrugna...
EUVD-2003-0212
Malware in sbrugna...
EUVD-2017-0526
Malware in sbrugna...
EUVD-2024-46775
Malicious code in bioql PyPI...
extranet.piarc.org Cross Site Scripting vulnerability OBB-4042773
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
extranet.gz-wetterau.de Cross Site Scripting vulnerability OBB-4042771
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
shudong-share SQL注入漏洞
shudong-share is a free and open source PHP extranet system by AaronLiu's personal developer. A SQL injection vulnerability exists in shudong-share 2.4.7 and earlier versions, which originates from the parameter fkey in the file /includes/createshare.php of Share Handler, which can lead to SQL...
VulnCheck KEV: CVE-2023-37582
The RocketMQ NameServer component still has a remote command execution vulnerability as the CVE-2023-33246 issue was not completely fixed in version 5.1.1. When NameServer address are leaked on the extranet and lack permission verification, an attacker can exploit this vulnerability by using the...
ManageEngine ADAudit Plus < Build 8121 Multiple Vulnerabilities
The version of ManageEngine ADAudit Plus installed on the remote host is prior to build 8121. It is, therefore, affected by multiple vulnerabilities. - Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to the authenticated SQL injection in extranet lockouts report option...
CVE-2024-5586
Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to the authenticated SQL injection in extranet lockouts report option...
CVE-2024-5586
Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to the authenticated SQL injection in extranet lockouts report option...
CVE-2024-5586
CVE-2024-5586 affects Zohocorp ManageEngine ADAudit Plus
CVE-2024-5586 SQL Injection
Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to the authenticated SQL injection in extranet lockouts report option...
CVE-2024-5586 SQL Injection
Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to the authenticated SQL injection in extranet lockouts report option...
PT-2024-36592 · Zohocorp · Zoho Manageengine Adaudit Plus
Name of the Vulnerable Software and Affected Versions: Zohocorp ManageEngine ADAudit Plus versions below 8121 Description: The issue concerns an authenticated SQL injection vulnerability in the extranet lockouts report option. This vulnerability can be exploited by authenticated users, potentiall...
extranet.ceuma.br Cross Site Scripting vulnerability OBB-3782211
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Apache RocketMQ < 4.9.7 / 5.x < 5.1.2 RCE (CVE-2023-37582)
The RocketMQ NameServer component still has a remote command execution vulnerability as the CVE-2023-33246 issue was not completely fixed in version 4.9.6 / 5.1.1. When NameServer address are leaked on the extranet and lack permission verification, an attacker can exploit this vulnerability by...
extranet-clubalpin.com Cross Site Scripting vulnerability OBB-3747596
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
extranet.dromoise.fr Cross Site Scripting vulnerability OBB-3693642
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Apache RocketMQ Command Execution Vulnerability
Several components of Apache RocketMQ, including NameServer, Broker, and Controller, are exposed to the extranet and lack permission verification. An attacker can exploit this vulnerability by using the update configuration function to execute commands as the system users that RocketMQ is running...