12 matches found
EUVD-2013-6610
Malware in sbrugna...
EUVD-2022-4450
Malicious code in bioql PyPI...
CVE-2022-40319
The LISTSERV 17 web interface allows remote attackers to conduct Insecure Direct Object References IDOR attacks via a modified email address in a wa.exe URL. The impact is unauthorized modification of a victim's LISTSERV account...
L-Soft LISTSERV 安全漏洞
L-Soft LISTSERV is a suite of e-mail list management software from L-Soft. A security vulnerability exists in L-Soft LISTSERV version 17. An attacker could exploit the vulnerability to conduct an insecure direct object reference IDOR attack via a modified email address in the wa.exe URL...
GHSA-JWQP-WH5G-4GMM CodeIgniter Improper Privilege Management
CodeIgniter through 4.0.0 allows remote attackers to gain privileges via a modified Email ID to the "Select Role of the User" page. NOTE: A contributor to the CodeIgniter framework argues that the issue should not be attributed to CodeIgniter. Furthermore, the blog post reference shows an unknown...
CVE-2020-10793
CodeIgniter through 4.0.0 allows remote attackers to gain privileges via a modified Email ID to the "Select Role of the User" page. NOTE: A contributor to the CodeIgniter framework argues that the issue should not be attributed to CodeIgniter. Furthermore, the blog post reference shows an unknown...
CVE-2020-10793
CodeIgniter through 4.0.0 allows remote attackers to gain privileges via a modified Email ID to the "Select Role of the User" page. NOTE: A contributor to the CodeIgniter framework argues that the issue should not be attributed to CodeIgniter. Furthermore, the blog post reference shows an unknown...
CVE-2020-7993
Prototype 1.6.0.1 allows remote authenticated users to forge ticket creation on behalf of other user accounts via a modified email ID field...
Code injection
Prototype 1.6.0.1 allows remote authenticated users to forge ticket creation on behalf of other user accounts via a modified email ID field...
UBUNTU-CVE-2020-7993
Prototype 1.6.0.1 allows remote authenticated users to forge ticket creation on behalf of other user accounts via a modified email ID field...
CVE-2020-7993
Prototype 1.6.0.1 allows remote authenticated users to forge ticket creation on behalf of other user accounts via a modified email ID field...
CVE-2016-3644
The AntiVirus Decomposer engine in Symantec Advanced Threat Protection ATP; Symantec Data Center Security:Server SDCS:S 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection SEP before 12.1 RU6 MP5; Symantec Endpoint Protection SEP for Mac; Symantec Endpoint Protection SEP for...