10 matches found
EUVD-2023-30279
Malicious code in bioql PyPI...
CVE-2023-26459
Due to improper input controls in SAP NetWeaver AS for ABAP and ABAP Platform - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, an attacker authenticated as a non-administrative user can craft a request which will trigger the application server to send a request to ...
CVE-2023-26459 Server Side Request Forgery (SSRF) vulnerability in SAP NetWeaver AS for ABAP and ABAP Platform
Due to improper input controls in SAP NetWeaver AS for ABAP and ABAP Platform - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, an attacker authenticated as a non-administrative user can craft a request which will trigger the application server to send a request to ...
CVE-2023-26459
CVE-2023-26459 affects SAP NetWeaver AS for ABAP and ABAP Platform (versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 791). The issue arises from improper input controls allowing an authenticated, non-administrative user to craft a request that makes the application server...
PT-2023-20652 · Sap · Abap Platform +1
Name of the Vulnerable Software and Affected Versions: SAP NetWeaver AS for ABAP and ABAP Platform versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 791 Description: The issue is caused by improper input controls, allowing an authenticated non-administrative user to craft ...
hibernate-validator: Improper input validation in the interpolation of constraint error messages
A flaw was found in Hibernate Validator version 6.1.2.Final. A bug in the message interpolation processor enables invalid EL expressions to be evaluated as if they were valid. This flaw allows attackers to bypass input sanitation escaping, stripping controls that developers may have put in place...
IBM WebSphere Commerce Code Injection Vulnerability
IBM WebSphere Commerce is a suite of e-business solutions from IBM in the United States. The solution supports all sales business models, including B2C, B2B and B2B2C, on a single customer interaction platform. A security vulnerability exists in IBM WebSphere Commerce that stems from the program'...
SASHA 0.2.0 Cross Site Scripting
Exploit Title: SASHA v0.2.0 Multiple XSS Date: 12/16/11 Author: G13 Software Link: http://sourceforge.net/projects/sasha/files/ Version: 0.2.0 Category: webapps php Vulnerability When adding a new course to the schedule, the application relies on Client Side controls for input. This can easily be...
Mozilla Foundation Security Advisory 2008-02
Mozilla Foundation Security Advisory 2008-02 Title: Multiple file input focus stealing vulnerabilities Impact: Moderate Announced: February 7, 2008 Reporter: hong, Gregory Fleischer Products: Firefox, SeaMonkey Fixed in: Firefox 2.0.0.12 SeaMonkey 1.1.8 Description Security researchers hong and...
security flaw
Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file upload control, or (2) changing the type of the...