CVE-2024-4921
A vulnerability classified as critical has been found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0. Affected is an unknown function of the file /employee_gatepass/classes/Users.php?f=ssave. The manipulation of the argument img leads to unrestricted upload. It is possible to...
CVE-2024-4921
CVE-2024-4921 affects the SourceCodester Employee and Visitor Gate Pass Logging System 1.0. The vulnerability is in an unknown function of the file /employee_gatepass/classes/Users.php?f=ssave, where manipulation of the img parameter enables unrestricted upload. This can be exploited remotely, an...
CVE-2024-23722
In Fluent Bit 2.1.8 through 2.2.1, a NULL pointer dereference can be caused via an invalid HTTP payload with the content type of x-www-form-urlencoded. It crashes and does not restart. This could result in logs not being delivered properly...
Authentication flaw
Insertion of sensitive information in the centralized Grafana logging system in ProLion CryptoSpike 3.0.15P2 allows remote attackers to impersonate other users in web management and the REST API by reading JWT tokens from logs as a Grafana authenticated user or from the Loki REST API without...
CVE-2023-36649
Insertion of sensitive information in the centralized Grafana logging system in ProLion CryptoSpike 3.0.15P2 allows remote attackers to impersonate other users in web management and the REST API by reading JWT tokens from logs as a Grafana authenticated user or from the Loki REST API without...
An access-control vulnerability in the BioTime time-logging management web platform allows an attacker to gain unauthorized access to protected information.
The vulnerability of the BioTime time-logging management web platform is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information by sending a specially crafted HTTP request...
Fedora 37 : cups (2023-9dbd5b28d4)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-9dbd5b28d4 advisory. 2218124 - The command cancel -x does not remove job files 2218123 - Delays printing to lpd when reserved ports are exhausted Security fix for...
Design/Logic Flaw
OpenPrinting CUPS is a standards-based, open source printing system for Linux and other Unix-like operating systems. Starting in version 2.0.0 and prior to version 2.4.6, CUPS logs data of free memory to the logging service AFTER the connection has been closed, when it should have logged the data...
CVE-2023-31752
SourceCodester Employee and Visitor Gate Pass Logging System v1.0 is vulnerable to SQL Injection via /employee_gatepass/classes/Login.php...
SQL injection
SourceCodester Employee and Visitor Gate Pass Logging System v1.0 is vulnerable to SQL Injection via /employee_gatepass/classes/Login.php...
CVE-2023-31752
SourceCodester Employee and Visitor Gate Pass Logging System v1.0 is vulnerable to SQL Injection via /employee_gatepass/classes/Login.php...
CVE-2023-31752
CVE-2023-31752 affects SourceCodester’s Employee and Visitor Gate Pass Logging System v1.0, with a reported SQL Injection vulnerability in /employee_gatepass/classes/Login.php. The CVSSv3.1 base metrics indicate a critical impact (9.8) across confidentiality, integrity, and availability, with net...
SQL injection
A vulnerability classified as critical has been found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0. Affected is an unknown function of the file /admin/maintenance/view_designation.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql...
CVE-2023-2090 SourceCodester Employee and Visitor Gate Pass Logging System GET Parameter view_designation.php sql injection
A vulnerability classified as critical has been found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0. Affected is an unknown function of the file /admin/maintenance/view_designation.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql...
FreeBSD : traefik -- multiple vulnerabilities (508da89c-78b9-11ed-854f-5404a68ad561)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 508da89c-78b9-11ed-854f-5404a68ad561 advisory. - Traefik is an open source HTTP reverse proxy and load balancer. Versions prior to 2.9.6 are...
Information Disclosure
github.com/traefik/traefik is vulnerable to information disclosure. The vulnerability exists in the New function of circuitbreaker.go because the authorization header is displayed in the debug logs, allowing an attacker to access the user logging system and steal user credentials...
Authorization
Traefik is an open source HTTP reverse proxy and load balancer. Versions prior to 2.9.6 are subject to a potential vulnerability in Traefik displaying the Authorization header in its debug logs. In certain cases, if the log level is set to DEBUG, credentials provided using the Authorization heade...
CVE-2022-23469 Authorization header displayed in the debug logs
Traefik is an open source HTTP reverse proxy and load balancer. Versions prior to 2.9.6 are subject to a potential vulnerability in Traefik displaying the Authorization header in its debug logs. In certain cases, if the log level is set to DEBUG, credentials provided using the Authorization heade...
SourceCodester Employee and Visitor Gate Pass Logging System SQL injection vulnerability
SourceCodester Employee and Visitor Gate Pass Logging System is a simple web-based employee and visitor pass logging system that provides companies with an automated platform to track or log the daily records of employees and visitors entering a company building or premises. A SQL injection...
SQL injection
An SQL Injection vulnerability exists in Sourcecodester Employee and Visitor Gate Pass Logging System 1.0 via the username parameter...