12 matches found
EUVD-2025-4487
Malicious code in bioql PyPI...
SourceCodester School Log Management System SQL注入漏洞
SourceCodester School Log Management System is a SourceCodester open source school log management system. A SQL injection vulnerability exists in SourceCodester School Log Management System version 1.0, which originates from an SQL injection in the id function of the /admin/manageuser.php page...
CVE-2024-5896 SourceCodester Employee and Visitor Gate Pass Logging System save_users sql injection
A vulnerability, which was classified as critical, was found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0. Affected is the function saveusers of the file /classes/Users.php?f=save. The manipulation of the argument id leads to sql injection. It is possible to launch the atta...
Microsoft (& Apple) Patch Tuesday, April 2023 Edition
Microsoft today released software updates to plug 100 security holes in its Windows operating systems and other software, including a zero-day vulnerability that is already being used in active attacks. Not to be outdone, Apple has released a set of important updates addressing two zero-day...
Microsoft Windows Common Log File System Driver信息泄露漏洞
The Microsoft Windows Common Log File System Driver is Microsoft's Common Log File System CLFS API that provides a high-performance, general-purpose log file subsystem that can be used by specialized client applications and shared by multiple clients to optimize logging and access. access. An...
Network-based DNS logging in Go: GoPassiveDNS
A network-capture based DNS logger, inspired by passivedns. It uses gopacket to deal with libpcap and packet processing. It outputs JSON logs. It is intended to deal with high volume query capture in environments with anywhewre from one to hundreds of DNS resolvers. Why not use PassiveDNS from...
JVN#36673836: Movable Type vulnerable to cross-site scripting
Movable Type, a web log system from Six Apart KK, contains a cross-site scripting vulnerability. This vulnerability is different than the previous vulnerabilities disclosed on JVN. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the...
JVN#92854093 Movable Type vulnerable to cross-site scripting
Movable Type, a web log system from Six Apart KK, contains a cross-site scripting vulnerability. This vulnerability is different than the previous vulnerabilities disclosed on JVN. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the...
REP-BBS from MT312 vulnerable to cross-site scripting
Overview REP-BBS from MT312 contains a cross-site scripting vulnerability. REP-BBS from MT312, is a web log system that supports posting and viewing web logs from a mobile phone. REP-BBS contains a cross-site scripting vulnerability. Note that versions of REP-BBS repbbs.lzh that contain "model.ph...
JVN#97248625 Movable Type cross-site scripting vulnerability
Movable Type, a web log system from Six Apart KK, contains a cross-site scripting vulnerability. This vulnerability is a different vulnerability than past reports on JVN. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest versio...
JVN#71945722 Movable Type Enterprise cross-site scripting vulnerability
Movable Type Enterprise, a web log system from Six Apart KK for business users, contains a cross-site scripting vulnerability. This vulnerability is different from JVN02216739. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest...
JVN#02216739 Movable Type Enterprise cross-site scripting vulnerability
Movable Type Enterprise, a web log system from Six Apart KK for business users, contains a cross-site scripting vulnerability. This vulnerability is different from JVN30385652 and JVN81490697. Impact An arbitrary script may be executed on an user's web browser. Solution Update the Software Update...