37 matches found
Microsoft .NET 安全漏洞
Microsoft .NET is a software framework developed by Microsoft Corporation in the United States. It focuses on agile software development, rapid application development, platform independence, and network transparency. There are security vulnerabilities in Microsoft .NET. Attackers can exploit the...
ROS-20251125-12
Vulnerability of QuerySet and Q objects of Django web application development platform is related to failure to take measures to protect the SQL query structure when processing an argument with the connector keyword. Exploitation of the vulnerability could allow an attacker acting remotely to...
EUVD-2018-18854
Malware in sbrugna...
EUVD-2017-11460
Malware in sbrugna...
EUVD-2021-8214
Malicious code in bioql PyPI...
EUVD-2023-43637
Malicious code in bioql PyPI...
EUVD-2023-32318
Malicious code in bioql PyPI...
CVE-2024-31077
Forminator prior to 1.29.3 contains a SQL injection vulnerability. If this vulnerability is exploited, a remote authenticated attacker with an administrative privilege may obtain and alter any information in the database and cause a denial-of-service DoS condition...
CVE-2024-42404
SQL injection vulnerability in Welcart e-Commerce prior to 2.11.2 allows an attacker who can login to the product to obtain or alter the information stored in the database...
CVE-2023-47609
SQL injection vulnerability in OSS Calendar versions prior to v.2.0.3 allows a remote authenticated attacker to execute arbitrary code or obtain and/or alter the information stored in the database by sending a specially crafted request...
CVE-2021-20802
HTTP header injection vulnerability in Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote attacker to alter the information stored in the product...
CVE-2020-5550
Session fixation vulnerability in EasyBlocks IPv6 Ver. 2.0.1 and earlier, and Enterprise Ver. 2.0.1 and earlier allows remote attackers to impersonate a registered user and log in the management console, that may result in information alteration/disclosure via unspecified vectors...
CVE-2019-5931
Cybozu Garoon 4.0.0 to 4.6.3 allows authenticated attackers to alter the information with privileges invoking the installer via unspecified vectors...
CVE-2024-55231
An IDOR vulnerability in the edit-notes.php module of PHPGurukul Online Notes Sharing Management System v1.0 allows unauthorized users to modify notes belonging to other accounts due to missing authorization checks. This flaw exposes sensitive data and enables attackers to alter another user's...
CVE-2024-36082
SQL injection vulnerability in Music Store - WordPress eCommerce versions prior to 1.1.14 allows a remote authenticated attacker with an administrative privilege to execute arbitrary SQL commands. Information stored in the database may be obtained or altered by the attacker...
inDrive: Reflected XSS of media.indrive.com
Vulnerability description not provided...
CVE-2024-27974
Cross-site request forgery vulnerability in FUJIFILM printers which implement CentreWare Internet Services or Internet Services allows a remote unauthenticated attacker to alter user information. In the case the user is an administrator, the settings such as the administrator's ID, password, etc...
CVE-2023-28657
Improper access control vulnerability exists in CONPROSYS HMI System CHS versions prior to 3.5.3. A user of the PC where the affected product is installed may gain an administrative privilege. As a result, information regarding the product may be obtained and/or altered by the user...
Authentication flaw
Authentication bypass vulnerability in NEXT ENGINE Integration Plugin for EC-CUBE 2.0 series all versions allows a remote unauthenticated attacker to alter the information stored in the system...
CVE-2023-27919
CVE-2023-27919 describes an authentication bypass in the NEXT ENGINE Integration Plugin (for EC-CUBE 2.0 series) , affecting all versions. The vulnerability allows a remote unauthenticated attacker to alter information stored in the system. The provided documents do not include a published fix or...