9 matches found
CVE-2025-67342
RuoYi versions 4.8.1 and earlier is affected by a stored XSS vulnerability in the /system/menu/edit endpoint. While the endpoint is protected by an XSS filter, the protection can be bypassed. Additionally, because the menu is shared across all users, any user with menu modification permissions ca...
CVE-2025-67342
CVE-2025-67342 affects Ruoyi (RuoYi) 4.8.1 and earlier, with a stored XSS in the /system/menu/edit endpoint where the XSS filter can be bypassed. Because the menu is shared across all users, any user with menu modification permissions can impact all users. Affected component: /system/menu/edit; r...
EUVD-2015-7160
Malware in sbrugna...
Moodle 4.3.x < 4.3.12 Multiple Vulnerabilities
According to its self-reported version, the Moodle install hosted on the remote host is 4.1.x prior to 4.1.18 or 4.3.x prior to 4.3.12 or 4.4.x prior to 4.4.8 or 4.5.x prior to 4.5.4. It is, therefore, affected by multiple vulnerabilities : - Additional checks were required to ensure users can on...
Samsung InputManagerService Unauthorized Access Vulnerability
Samsung InputManagerService is a service for Samsung SAMSUNG mobile devices, a service that Android abstracts in order to handle various user operations, itself can be seen as a Binder service entity, instantiated when the SystemServer process is started and registered to the An unauthorized acce...
SAMSUNG Mobile devices InputManagerService 安全漏洞
Samsung InputManagerService is a service for Samsung SAMSUNG mobile devices, a service that Android abstracts in order to handle various user operations, itself can be seen as a Binder service entity, instantiated when the SystemServer process is started and registered to the An unauthorized acce...
ZTE Big Video Analysis Product Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists in ZTE Big Video Analysis Product, a large video analytics product from ZTE Corporation China, which stems from an attacker with normal user privileges gaining unauthorized access to ZTE Big Video Analysis Product due to improper management of timed...
Huawei honor 8 elevation of privilege vulnerability
Huawei honor 8 is a smartphone from Chinese company Huawei Huawei. The Huawei honor 8 suffers from an elevation of privilege vulnerability due to the phone's failure to properly configure modification permissions for phone-specific information. An attacker could use this vulnerability to modify...
S21SEC-021 - Vignette License access and modification
ID: S21SEC-021-en Title: Vignette License access and modification Date: 15/03/2003 Status: Vendor contacted and solution available Scope: Unauthenticated access to the License management template Platforms: All Author: rpinuaga Location: http://www.s21sec.com/es/avisos/s21sec-021-en.txt Release:...