524 matches found

CVE
added 2023/01/16 6:58 p.m. · 43 views

CVE-2015-10057

A vulnerability (CVE-2015-10057) affects Little Apps Little Software Stats, specifically the Password Reset Handler component inc/class.securelogin.php. The issue is an improper access control in that file, leading to potential unauthorized access. The documented exploitability is described as di...

CVSS 9.8 · AI score 6 · EPSS 0.00436
Exploits: 0 · References: 4 · Affected Software: 1

Positive Technologies
added 2023/01/16 12:0 a.m. · 2 views

PT-2023-10235 · Vinylmap · Vinylmap

Name of the Vulnerable Software and Affected Versions: vinylmap version 2071174A Description: A critical issue has been found, affecting the contact function of the file recordstoreapp/views.py. This issue leads to sql injection. Recommendations: Apply the patch...

CVSS 9.8 · AI score 6.2 · EPSS 0.00297
Exploits: 0 · References: 5

NVD
added 2023/01/15 10:15 a.m. · 21 views

CVE-2015-10045

A vulnerability, which was classified as critical, was found in tutrantta projecttodolist. Affected is the function getAffectedRows/where/insert/update in the library library/Database.php. The manipulation leads to sql injection. The name of the patch is 194a0411bbe11aa4813f13c66b9e8ea403539141. ...

CVSS 9.8 · AI score 7 · EPSS 0.00297
Exploits: 0 · References: 3

Prion
added 2023/01/11 7:15 p.m. · 19 views

Sql injection

A vulnerability was found in dobos domino. It has been rated as critical. Affected by this issue is some unknown functionality in the library src/Complex.Domino.Lib/Lib/EntityFactory.cs. The manipulation leads to sql injection. Upgrading to version 0.1.5524.38553 is able to address this issue. Th...

CVSS 5.2 · AI score 7.8 · EPSS 0.00173
Exploits: 0 · References: 4 · Affected Software: 1

NVD
added 2023/01/11 6:15 p.m. · 9 views

CVE-2022-4885

A vulnerability has been found in sviehb jefferson up to 0.3 and classified as critical. This vulnerability affects unknown code of the file src/scripts/jefferson. The manipulation leads to path traversal. The attack can be initiated remotely. The complexity of an attack is rather high. The...

CVSS 5.9 · AI score 5.4 · EPSS 0.00353
Exploits: 0 · References: 5

Positive Technologies
added 2023/01/10 12:0 a.m. · 3 views

PT-2023-10143 · Unknown · Mapoor Voteapp

Name of the Vulnerable Software and Affected Versions: mapoor voteapp affected versions not specified Description: A critical issue has been found, affecting the function create poll/do poll/show poll/show refresh of the file app.py. This issue leads to sql injection. Recommendations: Apply a pat...

CVSS 9.8 · AI score 6.2 · EPSS 0.00297
Exploits: 0 · References: 7

OSV
added 2023/01/09 10:15 a.m. · 1 views

DEBIAN-CVE-2017-20165

A vulnerability classified as problematic has been found in debug-js debug up to 3.0.x. This affects the function useColors of the file src/node.js. The manipulation of the argument str leads to inefficient regular expression complexity. Upgrading to version 3.1.0 is able to address this issue. T...

CVSS 7.5 · AI score 4.4 · EPSS 0.01578
Exploits: 0 · References: 1

Cvelist
added 2023/01/09 7:15 a.m. · 11 views

CVE-2010-10004 Information Cards Module cross site scripting

A vulnerability was found in Information Cards Module on simpleSAMLphp and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 1.0 is able to address this issue. The...

CVSS 4 · AI score 6 · EPSS 0.00251
Exploits: 0 · References: 4

NVD
added 2023/01/08 10:15 a.m. · 10 views

CVE-2021-4308

A vulnerability was found in WebPA up to 3.1.1. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to sql injection. Upgrading to version 3.1.2 is able to address this issue. The identifier of the patch is 8836c4f549181e885a68e0e7ca561fdbcbd04bf0. It...

CVSS 9.8 · AI score 6.9 · EPSS 0.00351
Exploits: 0 · References: 5

Vulnrichment
added 2023/01/08 9:27 a.m. · 4 views

CVE-2015-10030 SUKOHI Surpass Surpass.php pathname traversal

A vulnerability has been found in SUKOHI Surpass and classified as critical. This vulnerability affects unknown code of the file src/Sukohi/Surpass/Surpass.php. The manipulation of the argument dir leads to pathname traversal. Upgrading to version 1.0.0 is able to address this issue. The patch is...

CVSS 5.5 · AI score 5.7 · EPSS 0.00179
Exploits: 0 · References: 4

Prion
added 2023/01/07 10:15 p.m. · 12 views

Sql injection

A vulnerability was found in slackero phpwcms up to 1.9.26 and classified as critical. Affected by this issue is some unknown functionality. The manipulation of the argument $phpwcms'dbprepend' leads to sql injection. The attack may be launched remotely. Upgrading to version 1.9.27 is able to...

CVSS 7.5 · AI score 9.6 · EPSS 0.00339
Exploits: 0 · References: 4 · Affected Software: 1

Cvelist
added 2023/01/07 7:31 p.m. · 18 views

CVE-2016-15013 ForumHulp searchresults listener.php list_keywords sql injection

A vulnerability was found in ForumHulp searchresults. It has been rated as critical. Affected by this issue is the function list_keywords of the file event/listener.php. The manipulation of the argument word leads to sql injection. The name of the patch is dd8a312bb285ad9735a8e1da58e9e955837b7322...

CVSS 5.5 · AI score 9.9 · EPSS 0.00904
Exploits: 0 · References: 4

Vulnrichment
added 2023/01/07 6:37 p.m. · 7 views

CVE-2014-125063 ada-l0velace Bid sql injection

A vulnerability was found in ada-l0velace Bid and classified as critical. This issue affects some unknown processing. The manipulation leads to sql injection. The identifier of the patch is abd71140b8219fa8741d0d8a57ab27d5bfd34222. It is recommended to apply a patch to fix this issue. The...

CVSS 5.5 · AI score 7.8 · EPSS 0.00297
Exploits: 0 · References: 3

NVD
added 2023/01/07 1:15 p.m. · 6 views

CVE-2014-125059

A vulnerability, which was classified as problematic, has been found in sternenseemann sternenblog. This issue affects the function blog_index of the file main.c. The manipulation of the argument postpath leads to file inclusion. The attack may be initiated remotely. The complexity of an attack is...

CVSS 9.8 · AI score 6.5 · EPSS 0.00686
Exploits: 0 · References: 4

Prion
added 2023/01/07 1:15 p.m. · 11 views

Design/Logic Flaw

A vulnerability, which was classified as problematic, has been found in sternenseemann sternenblog. This issue affects the function blog_index of the file main.c. The manipulation of the argument postpath leads to file inclusion. The attack may be initiated remotely. The complexity of an attack is...

CVSS 4.6 · AI score 7.2 · EPSS 0.00686
Exploits: 0 · References: 4 · Affected Software: 1

Cvelist
added 2023/01/07 12:42 p.m. · 10 views

CVE-2014-125059 sternenseemann sternenblog main.c blog_index file inclusion

A vulnerability, which was classified as problematic, has been found in sternenseemann sternenblog. This issue affects the function blog_index of the file main.c. The manipulation of the argument postpath leads to file inclusion. The attack may be initiated remotely. The complexity of an attack is...

CVSS 5 · AI score 9.7 · EPSS 0.00686
Exploits: 0 · References: 4

Prion
added 2023/01/07 9:15 a.m. · 17 views

Design/Logic Flaw

A vulnerability, which was classified as problematic, was found in agnivade easy-scrypt. Affected is the function VerifyPassphrase of the file scrypt.go. The manipulation leads to observable timing discrepancy. The complexity of an attack is rather high. The exploitability is told to be difficult...

CVSS 1.4 · AI score 7 · EPSS 0.00335
Exploits: 0 · References: 4 · Affected Software: 1

Positive Technologies
added 2023/01/07 12:0 a.m. · 2 views

PT-2023-10126 · Unknown · Pylons Horus

Name of the Vulnerable Software and Affected Versions: Pylons horus affected versions not specified Description: A vulnerability was found in Pylons horus, classified as problematic, affecting some unknown functionality of the file horus/flows/local/services.py. The manipulation leads to observab...

CVSS 5.3 · AI score 4.3 · EPSS 0.00306
Exploits: 0 · References: 6

Cvelist
added 2023/01/06 8:40 p.m. · 12 views

CVE-2014-125052 JervenBolleman sparql-identifiers RegistryDao.java sql injection

A vulnerability was found in JervenBolleman sparql-identifiers and classified as critical. This issue affects some unknown processing of the file src/main/java/org/identifiers/db/RegistryDao.java. The manipulation leads to sql injection. The patch is named 44bb0db91c064e305b192fc73521d1dfd25bde52...

CVSS 5.5 · AI score 9.9 · EPSS 0.00297
Exploits: 0 · References: 3

NVD
added 2023/01/06 1:15 p.m. · 18 views

CVE-2015-10018

A vulnerability has been found in DBRisinajumi d2files and classified as critical. Affected by this vulnerability is the function actionUpload/actionDownloadFile of the file controllers/D2filesController.php. The manipulation leads to sql injection. Upgrading to version 1.0.0 is able to address...

CVSS 9.8 · AI score 7 · EPSS 0.00353
Exploits: 0 · References: 4