925 matches found
go-git 参数注入漏洞
go-git is go-git open source a highly extensible git implementation library written in pure Go. A parameter injection vulnerability exists in go-git versions prior to v5.13, which stems from the presence of a parameter injection vulnerability that could allow an attacker to set arbitrary values t...
Dell PowerStore Parameter Injection Vulnerability
Dell PowerStore is a scalable all-flash array storage from Dell USA. The Dell PowerStore suffers from a parameter injection vulnerability that originates from improper parameter delimiter neutralization, which can be exploited by an attacker to modify arbitrary system files...
CVE-2024-11688
CVE-2024-11688 is a reflected XSS in the WordPress LaTeX2HTML plugin. The vulnerability allows unauthenticated attackers to inject scripts via the ver or date parameters on pages that render the attack, affecting all versions up to and including 2.5.5. Connected Red Hat and other sources corrobor...
Online Class and Exam Scheduling System term.php File SQL Injection Vulnerability
Online Class and Exam Scheduling System is an online class and exam scheduling system. The Online Class and Exam Scheduling System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the parameter id of the file /pages/term.php. ...
Dell PowerStore 参数注入漏洞
Dell PowerStore is a scalable all-flash array storage from Dell USA. The Dell PowerStore suffers from a parameter injection vulnerability that originates from improper parameter delimiter neutralization, which can be exploited by an attacker to modify arbitrary system files...
Codezips Project Management System 注入漏洞
Codezips Project Management System is an open source project management system from Codezips. An injection vulnerability exists in CodeZips Project Management System version 1.0, which stems from an incorrect manipulation of the parameter email that can lead to SQL injection...
CVE-2024-53470
Multiple stored cross-site scripting XSS vulnerabilities in the component /configuracao/gatewaypagamento.php of WeGIA v3.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the id or name parameter...
CVE-2024-52944
An issue was discovered in Veritas Enterprise Vault before 15.1 UPD882911, ZDI-CAN-24698. It allows an authenticated remote attacker to inject a parameter into an HTTP request, allowing for Cross-Site Scripting while viewing archived content. This could reflect back to an authenticated user witho...
CVE-2024-52944
An issue was discovered in Veritas Enterprise Vault before 15.1 UPD882911, ZDI-CAN-24698. It allows an authenticated remote attacker to inject a parameter into an HTTP request, allowing for Cross-Site Scripting while viewing archived content. This could reflect back to an authenticated user witho...
CVE-2024-52943
An issue was discovered in Veritas Enterprise Vault before 15.1 UPD882911, ZDI-CAN-24697. It allows an authenticated remote attacker to inject a parameter into an HTTP request, allowing for Cross-Site Scripting XSS while viewing archived content. This could reflect back to an authenticated user...
CVE-2024-52944
An issue was discovered in Veritas Enterprise Vault before 15.1 UPD882911, ZDI-CAN-24698. It allows an authenticated remote attacker to inject a parameter into an HTTP request, allowing for Cross-Site Scripting while viewing archived content. This could reflect back to an authenticated user witho...
Veritas Enterprise Vault 安全漏洞
Veritas Enterprise Vault is a Veritas platform for capturing, archiving, and discovering information across all communications platforms. A security vulnerability exists in Veritas Enterprise Vault versions prior to 15.1 UPD882911, which stems from a vulnerability that allows an authenticated,...
Veritas Enterprise Vault 安全漏洞
Veritas Enterprise Vault is a Veritas platform for capturing, archiving, and discovering information across all communications platforms. A security vulnerability exists in Veritas Enterprise Vault versions prior to 15.1 UPD882911, which stems from a vulnerability that allows an authenticated,...
Veritas Enterprise Vault 安全漏洞
Veritas Enterprise Vault is a Veritas platform for capturing, archiving, and discovering information across all communications platforms. A security vulnerability exists in Veritas Enterprise Vault versions prior to 15.1 UPD882911, which stems from a vulnerability that allows an authenticated,...
Veritas Enterprise Vault 安全漏洞
Veritas Enterprise Vault is a Veritas platform for capturing, archiving, and discovering information across all communications platforms. A security vulnerability exists in Veritas Enterprise Vault versions prior to 15.1 UPD882911, which stems from a vulnerability that allows an authenticated,...
PT-2024-35495 · Veritas · Veritas Enterprise Vault
Name of the Vulnerable Software and Affected Versions: Veritas Enterprise Vault versions prior to 15.1 UPD882911 Description: The issue allows an authenticated remote attacker to inject a parameter into an HTTP request, enabling Cross-Site Scripting while viewing archived content. This could...
PT-2024-35492 · Veritas · Veritas Enterprise Vault
Name of the Vulnerable Software and Affected Versions: Veritas Enterprise Vault versions prior to 15.1 UPD882911 Description: The issue allows an authenticated remote attacker to inject a parameter into an HTTP request, enabling Cross-Site Scripting XSS while viewing archived content. This could...
Ivanti Connect Secure和Ivanti Policy Secure 参数注入漏洞
Ivanti Connect Secure and Ivanti Policy Secure are both products of Ivanti Corporation, U.S.A. Ivanti Connect Secure is a secure remote network connection tool.Ivanti Policy Secure is a network access control NAC solution. A parameter injection vulnerability exists in Ivanti Connect Secure versio...
Ivanti Connect Secure和Ivanti Policy Secure 参数注入漏洞
Ivanti Connect Secure and Ivanti Policy Secure are both products of Ivanti Corporation, U.S.A. Ivanti Connect Secure is a secure remote network connection tool.Ivanti Policy Secure is a network access control NAC solution. A parameter injection vulnerability exists in Ivanti Connect Secure versio...
Ivanti Connect Secure和Ivanti Policy Secure 参数注入漏洞
Ivanti Connect Secure and Ivanti Policy Secure are both products of Ivanti Corporation, U.S.A. Ivanti Connect Secure is a secure remote network connection tool.Ivanti Policy Secure is a network access control NAC solution. A parameter injection vulnerability exists in Ivanti Connect Secure versio...