CVE-2024-0302

A vulnerability, which was classified as critical, has been found in fhs-opensource iparking 1.5.22.RELEASE. This issue affects some unknown processing of the file /vueLogin. The manipulation leads to deserialization. The attack may be initiated remotely. The exploit has been disclosed to the...

CVE-2024-0301

A vulnerability classified as critical was found in fhs-opensource iparking 1.5.22.RELEASE. This vulnerability affects the function getData of the file src/main/java/com/xhb/pay/action/PayTempOrderAction.java. The manipulation leads to sql injection. The attack can be initiated remotely. The...

Sql injection

A vulnerability classified as critical was found in fhs-opensource iparking 1.5.22.RELEASE. This vulnerability affects the function getData of the file src/main/java/com/xhb/pay/action/PayTempOrderAction.java. The manipulation leads to sql injection. The attack can be initiated remotely. The...

Deserialization of untrusted data

A vulnerability, which was classified as critical, has been found in fhs-opensource iparking 1.5.22.RELEASE. This issue affects some unknown processing of the file /vueLogin. The manipulation leads to deserialization. The attack may be initiated remotely. The exploit has been disclosed to the...

CVE-2024-0302

CVE-2024-0302 affects fhs-opensource iparking 1.5.22.RELEASE. A deserialization flaw in the processing of the file /vueLogin allows remote exploitation; the exploit has been disclosed publicly. Remediation: PT-2024-15453 suggests restricting access to /vueLogin as a temporary workaround since no ...

CVE-2024-0302 fhs-opensource iparking vueLogin deserialization

A vulnerability, which was classified as critical, has been found in fhs-opensource iparking 1.5.22.RELEASE. This issue affects some unknown processing of the file /vueLogin. The manipulation leads to deserialization. The attack may be initiated remotely. The exploit has been disclosed to the...

CVE-2024-0302 fhs-opensource iparking vueLogin deserialization

A vulnerability, which was classified as critical, has been found in fhs-opensource iparking 1.5.22.RELEASE. This issue affects some unknown processing of the file /vueLogin. The manipulation leads to deserialization. The attack may be initiated remotely. The exploit has been disclosed to the...

CVE-2024-0301 fhs-opensource iparking PayTempOrderAction.java getData sql injection

A vulnerability classified as critical was found in fhs-opensource iparking 1.5.22.RELEASE. This vulnerability affects the function getData of the file src/main/java/com/xhb/pay/action/PayTempOrderAction.java. The manipulation leads to sql injection. The attack can be initiated remotely. The...

CVE-2024-0301 fhs-opensource iparking PayTempOrderAction.java getData sql injection

A vulnerability classified as critical was found in fhs-opensource iparking 1.5.22.RELEASE. This vulnerability affects the function getData of the file src/main/java/com/xhb/pay/action/PayTempOrderAction.java. The manipulation leads to sql injection. The attack can be initiated remotely. The...

CVE-2024-0301

CVE-2024-0301 affects fhs-opensource iparking 1.5.22.RELEASE. The flaw is in the Java method getData of src/main/java/com/xhb/pay/action/PayTempOrderAction.java, causing an SQL injection. The vulnerability enables remote initiation and the exploit has been disclosed publicly. Multiple sources (NV...

CVE-2023-48947

An issue in the chacmp function of openlink virtuoso-opensource allows attackers to cause a Denial of Service DoS after running a SELECT statement...

CVE-2023-48946

An issue in the boxmpy function of openlink virtuoso-opensource allows attackers to cause a Denial of Service DoS after running a SELECT statement...

CVE-2023-48948

An issue in the boxdiv function in openlink virtuoso-opensource allows attackers to cause a Denial of Service DoS after running a SELECT statement...

CVE-2023-48949

An issue in the boxadd function in openlink virtuoso-opensource allows attackers to cause a Denial of Service DoS after running a SELECT statement...

CVE-2023-48950

An issue in the boxcollen function in openlink virtuoso-opensource allows attackers to cause a Denial of Service DoS after running a SELECT statement...

CVE-2023-48945

Openlink virtuoso-opensource is vulnerable to stack overflow vulnerability which allows a remote attackers to cause Denial of Service using crafted SQL statements...

CVE-2023-48951

An issue in the boxequal function in openlink virtuoso-opensource allows attackers to cause a Denial of Service DoS after running a SELECT statement...

CVE-2023-40465 Improper input leads to DoS

Several versions of ALEOS, including ALEOS 4.16.0, include an opensource third-party component which can be exploited from the local area network, resulting in a Denial of Service condition for the captive portal...

Amazon Linux 2 : virtuoso-opensource (ALAS-2023-2360)

The version of virtuoso-opensource installed on the remote host is prior to 7.2.11-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2360 advisory. 2024-03-13: CVE-2023-31618 was added to this advisory. 2024-03-13: CVE-2023-31627 was added to this advisory...

CVE-2023-48951

An issue in the boxequal function in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS after running a SELECT statement...