19 matches found
CVE-2024-32406
Server-Side Template Injection SSTI vulnerability in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via a crafted payload to the Batch-Issue Exam Tickets function...
CVE-2024-32404
Server-Side Template Injection SSTI vulnerability in inducer relate before v.2024.1, allows remote attackers to execute arbitrary code via a crafted payload to the Markup Sandbox feature...
CVE-2024-32404
Server-Side Template Injection SSTI vulnerability in inducer relate before v.2024.1, allows remote attackers to execute arbitrary code via a crafted payload to the Markup Sandbox feature...
CVE-2024-32406
Server-Side Template Injection SSTI vulnerability in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via a crafted payload to the Batch-Issue Exam Tickets function...
CVE-2024-32404
Server-Side Template Injection SSTI vulnerability in inducer relate before v.2024.1, allows remote attackers to execute arbitrary code via a crafted payload to the Markup Sandbox feature...
CVE-2024-32406
Relate Relate Learning and Teaching System (inducer relate) prior to 2024.1 is affected by a Server-Side Template Injection (SSTI) in the Batch-Issue Exam Tickets function, enabling remote arbitrary code execution. Concrete details across sources specify the vulnerability in inducer relate before...
CVE-2024-32406
Server-Side Template Injection SSTI vulnerability in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via a crafted payload to the Batch-Issue Exam Tickets function...
CVE-2024-32406
Server-Side Template Injection SSTI vulnerability in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via a crafted payload to the Batch-Issue Exam Tickets function...
PT-2024-24549 · Inducer · Inducer
Name of the Vulnerable Software and Affected Versions: inducer relate versions prior to 2024.1 Description: The issue is related to a Server-Side Template Injection SSTI vulnerability, which allows remote attackers to execute arbitrary code via a crafted payload to the Markup Sandbox feature...
PT-2024-24551
Name of the Vulnerable Software and Affected Versions inducer relate versions prior to 2024.1 Description A Server-Side Template Injection SSTI issue allows a remote attacker to execute arbitrary code via a crafted payload to the Batch-Issue Exam Tickets function. This enables the attacker to...
CVE-2024-32407
An issue in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via a crafted payload to the Page Sandbox feature...
CVE-2024-32407
An issue in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via a crafted payload to the Page Sandbox feature...
CVE-2024-32405
Cross Site Scripting vulnerability in inducer relate before v.2024.1 allows a remote attacker to escalate privileges via a crafted payload to the Answer field of InlineMultiQuestion parameter on Exam function...
CVE-2024-32407
An issue in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via a crafted payload to the Page Sandbox feature...
CVE-2024-32407
The CVE-2024-32407 issue affects Inducer Relate before version 2024.1. The vulnerability allows a remote attacker to execute arbitrary code via a crafted payload to the Page Sandbox feature. Red Hat and PT Security references confirm affected versions and advise applying the fix by upgrading to 2...
CVE-2024-32407
An issue in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via a crafted payload to the Page Sandbox feature...
PT-2024-24552 · Inducer · Inducer
Name of the Vulnerable Software and Affected Versions: inducer versions prior to 2024.1 Description: The issue allows a remote attacker to execute arbitrary code via a crafted payload to the Page Sandbox feature. Recommendations: For versions prior to 2024.1, update to version 2024.1 or later to...
CVE-2024-32405
Cross Site Scripting vulnerability in inducer relate before v.2024.1 allows a remote attacker to escalate privileges via a crafted payload to the Answer field of InlineMultiQuestion parameter on Exam function...
Lucid Dream Inducer - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Lucid Dream Inducer published at the 'play' market has multiple vulnerabilities...