VICIdial Sensitive Information Disclosure

VICIdial's Web Client is susceptible to information disclosure because it contains many sensitive files that can be accessed from the client side. These files contain mysqli logs, auth logs, debug information, successful and unsuccessful login attempts with their corresponding IP's, User-Agents,...

py39-celery -- command injection vulnerability

Snyk reports: This affects the package celery before 5.2.2. It by default trusts the messages and metadata stored in backends result stores. When reading task metadata from the backend, the data is deserialized. Given that an attacker can gain access to, or somehow manipulate the metadata within ...

Mambo Component Reporter 1.0 - Reporter.sql.php Remote File Inclusion

Mambo Component Reporter 1.0 - Reporter.sql.php Remote File Inclusion source: https://www.securityfocus.com/bid/19553/info Reporter a Mambo component is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to...

CVE-2000-0789

WinU 5.x and earlier uses weak encryption to store its configuration password, which allows local users to decrypt the password and gain privileges...