925 matches found
Ivanti Connect Secure and Ivanti Policy Secure Parameter Injection Vulnerability
Ivanti Connect Secure and Ivanti Policy Secure are both products of Ivanti Corporation, U.S.A. Ivanti Connect Secure is a secure remote network connection tool. Ivanti Policy Secure is a network access control (NAC) solution. A parameter injection vulnerability exists in Ivanti Connect Secure versio...
Laravel Parameter Injection Vulnerability
Laravel is a web application framework from the Laravel community. A parameter injection vulnerability exists in Laravel. An attacker exploiting this vulnerability can call any URL using a specially crafted query string...
IBPhoenix ibWebAdmin Injection Vulnerability
IBPhoenix ibWebAdmin is a Firebird and InterBase database server web front end from IBPhoenix. An injection vulnerability exists in IBPhoenix ibWebAdmin 1.0.2 and earlier versions, which stems from the parameter p in the file /togglefoldpanel.php in the Tabelas section and can lead to a cross-site...
PHP CGI Parameter Injection Vulnerability (CVE-2024-4577 bypass)
...
Slackware: Security Advisory (SSA:2024-297-01)
The remote host is missing an update for the...
[slackware-security] php81
New php81 packages are available for Slackware 15.0 to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: extra/php81/php81-8.1.30-i586-1slack15.0.txz: Upgraded. This update fixes bugs and security issues: Bypass of CVE-2024-4577, Parameter Injection Vulnerability...
OFCMS cross-site scripting vulnerability (CNVD-2024-41671)
OFSoft OFCMS is a content management system (CMS) developed by China Zhongtian Network OFSoft using the Java language. OFCMS version 1.1.2 has a cross-site scripting vulnerability, which stems from the parameter dictvalue of the file /admin/system/dict/add.json?sqlid=system.dict.save on the user-supplie...
Siemens SINEC Security Monitor Parameter Injection Vulnerability
SINEC Security Monitor is a modular network security software for passive, non-intrusive, continuous network security monitoring during production processes at customer sites. Siemens SINEC Security Monitor suffers from a parameter injection vulnerability that stems from a failure to properly...
PT-2024-39856 · Unknown · Code-Projects Restaurant Reservation System
Name of the Vulnerable Software and Affected Versions: code-projects Restaurant Reservation System version 1.0 Description: A critical vulnerability has been found in the code-projects Restaurant Reservation System. This issue affects an unknown part of the file filter3.php. The manipulation of t...
CVE-2024-9286
CVE-2024-9286 affects TRtek Software Distant Education Platform prior to 3.2024.11. The vulnerability is an SQL injection/parameter injection due to improper neutralization of special elements in SQL commands, enabling attackers to manipulate queries. Public documents describe the issue across mu...
TRtek Distant Education Platform SQL Injection Vulnerability
TRtek Distant Education Platform is an application from TRtek, Inc. A SQL injection vulnerability exists in TRtek Distant Education Platform versions prior to 3.2024.11, which stems from improper input validation and allows for SQL injection and parameter injection...
CVE-2024-8926 PHP CGI Parameter Injection Vulnerability (CVE-2024-4577 bypass)
In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before 8.3.12, when using certain non-standard configurations of Windows codepages, the fixes for CVE-2024-4577 (https://github.com/advisories/GHSA-vxpp-6299-mxw3) may still be bypassed and the same command injection related to Windows...
CVE-2024-8926
In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before 8.3.12, when using certain non-standard configurations of Windows codepages, the fixes for CVE-2024-4577 (https://github.com/advisories/GHSA-vxpp-6299-mxw3) may still be bypassed and the same command injection related to Windows...
ggit Security Vulnerability
ggit is a tool by individual developer Gleb Bahmutov. A security vulnerability exists in ggit that stems from not sanitizing user input or validating a given URL scheme, leaving it vulnerable to arbitrary parameter injection attacks...
Siemens SINEC Security Monitor Parameter Injection Vulnerability
SINEC Security Monitor is a modular network security software for passive, non-intrusive, continuous network security monitoring during production processes at customer sites. Siemens SINEC Security Monitor suffers from a parameter injection vulnerability that stems from a failure to properly...
PHP 8.2.x < 8.2.24 Multiple Vulnerabilities
According to its self-reported version number, the version of PHP installed on the remote host is 8.1.x prior to 8.1.30, 8.2.x prior to 8.2.24, or 8.3.x prior to 8.3.12. It is, therefore, affected by multiple vulnerabilities: - Parameter injection vulnerability with a bypass of CVE-2024-4577...
PHP 8.3.x < 8.3.12 Multiple Vulnerabilities
According to its self-reported version number, the version of PHP installed on the remote host is 8.1.x prior to 8.1.30, 8.2.x prior to 8.2.24, or 8.3.x prior to 8.3.12. It is, therefore, affected by multiple vulnerabilities: - Parameter injection vulnerability with a bypass of CVE-2024-4577...
PHP 8.1.x < 8.1.30 Multiple Vulnerabilities
According to its self-reported version number, the version of PHP installed on the remote host is 8.1.x prior to 8.1.30, 8.2.x prior to 8.2.24, or 8.3.x prior to 8.3.12. It is, therefore, affected by multiple vulnerabilities: - Parameter injection vulnerability with a bypass of CVE-2024-4577...
XZ Utils Security Vulnerability
XZ Utils is an open source utility program by Tukaani. A security vulnerability exists in XZ Utils version 5.6.2 and earlier versions. An attacker can exploit this vulnerability to perform a parameter injection or directory traversal attack...