5 matches found
Incomplete List of Disallowed Inputs
Overview org.webjars.npm:axios is a promise-based HTTP client for the browser and Node.js. Affected versions of this package are vulnerable to Incomplete List of Disallowed Inputs via the isLoopback host check in the proxy helper, which relied on a static list of LOOPBACKADDRESSES. An attacker ca...
Incomplete List of Disallowed Inputs
Overview Magick.NET-Q8-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Incomplete List of Disallowed Inputs
Overview Magick.NET-Q16-HDRI-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...
Exploit for Incomplete List of Disallowed Inputs in Mmaitre314 Picklescan
PO...
Bookreen Security Breach
Bookreen is a workspace scheduling software from Bookreen Turkey. It allows every location bookable via IoT devices to create maximum efficiency and satisfaction. A security vulnerability exists in Bookreen versions prior to 3.0.0 that stems from an incomplete input list that allows privilege...