524 matches found

Prion
added 2023/01/06 1:15 p.m. · 13 views

Sql injection

A vulnerability has been found in DBRisinajumi d2files and classified as critical. Affected by this vulnerability is the function actionUpload/actionDownloadFile of the file controllers/D2filesController.php. The manipulation leads to sql injection. Upgrading to version 1.0.0 is able to address...

7.5 CVSS · 7.9 AI score · 0.00353 EPSS
Exploits 0 · References 4 · Affected Software 1

CVE
added 2023/01/06 12:33 p.m. · 45 views

CVE-2015-10018

DBRisinajumi d2files has a SQL injection vulnerability in the file and function controllers/D2filesController.php: actionUpload/actionDownloadFile. The issue affects versions prior to 1.0.0 and is addressed by upgrading to 1.0.0 (patch id b5767f2ec9d0f3cbfda7f13c84740e2179c90574). Several sourc...

9.8 CVSS · 8 AI score · 0.00353 EPSS
Exploits 0 · References 4 · Affected Software 1

NVD
added 2023/01/06 11:15 a.m. · 8 views

CVE-2020-36642

A vulnerability was found in trampgeek jobe up to 1.6.x and classified as critical. This issue affects the function run_in_sandbox of the file application/libraries/LanguageTask.php. The manipulation leads to command injection. Upgrading to version 1.7.0 is able to address this issue. The identifie...

9.8 CVSS · 7.1 AI score · 0.03686 EPSS
Exploits 0 · References 5

Prion
added 2023/01/06 11:15 a.m. · 9 views

Command injection

A vulnerability was found in trampgeek jobe up to 1.6.x and classified as critical. This issue affects the function run_in_sandbox of the file application/libraries/LanguageTask.php. The manipulation leads to command injection. Upgrading to version 1.7.0 is able to address this issue. The identifie...

7.5 CVSS · 9.9 AI score · 0.03686 EPSS
Exploits 0 · References 5 · Affected Software 1

Vulnrichment
added 2023/01/06 10:28 a.m. · 3 views

CVE-2020-36642 trampgeek jobe LanguageTask.php run_in_sandbox command injection

A vulnerability was found in trampgeek jobe up to 1.6.x and classified as critical. This issue affects the function run_in_sandbox of the file application/libraries/LanguageTask.php. The manipulation leads to command injection. Upgrading to version 1.7.0 is able to address this issue. The identifie...

5.5 CVSS · 7.7 AI score · 0.03686 EPSS
Exploits 0 · References 5

Prion
added 2023/01/06 10:15 a.m. · 12 views

Xxe

A vulnerability classified as problematic was found in e-Contract dssp up to 1.3.1. Affected by this vulnerability is the function checkSignResponse of the file dssp-client/src/main/java/be/econtract/dssp/client/SignResponseVerifier.java. The manipulation leads to xml external entity reference...

7.5 CVSS · 7.1 AI score · 0.00375 EPSS
Exploits 0 · References 4 · Affected Software 1

Positive Technologies
added 2023/01/06 12:0 a.m. · 2 views

PT-2023-11357 · Unknown · Arthmoor Qsf-Portal

Name of the Vulnerable Software and Affected Versions: Arthmoor QSF-Portal affected versions not specified
Description: A critical vulnerability was found in Arthmoor QSF-Portal, affecting the file index.php. The manipulation of the a argument leads to path traversal.
Recommendations: Apply a pat...

5.5 CVSS · 7.3 AI score · 0.00272 EPSS
Exploits 0 · References 7

Prion
added 2023/01/05 2:15 p.m. · 18 views

Sql injection

A vulnerability classified as critical has been found in arekk uke. This affects an unknown part of the file lib/uke/finder.rb. The manipulation leads to sql injection. The identifier of the patch is 52fd3b2d0bc16227ef57b7b98a3658bb67c1833f. It is recommended to apply a patch to fix this issue. T...

7.5 CVSS · 7.9 AI score · 0.00297 EPSS
Exploits 0 · References 3 · Affected Software 1

Cvelist
added 2023/01/05 1:6 p.m. · 19 views

CVE-2015-10014 arekk uke finder.rb sql injection

A vulnerability classified as critical has been found in arekk uke. This affects an unknown part of the file lib/uke/finder.rb. The manipulation leads to sql injection. The identifier of the patch is 52fd3b2d0bc16227ef57b7b98a3658bb67c1833f. It is recommended to apply a patch to fix this issue. T...

5.5 CVSS · 9.9 AI score · 0.00297 EPSS
Exploits 0 · References 3

Vulnrichment
added 2023/01/05 9:17 a.m. · 3 views

CVE-2018-25065 Wikimedia mediawiki-extensions-I18nTags Unlike Parser I18nTags_body.php cross site scripting

A vulnerability was found in Wikimedia mediawiki-extensions-I18nTags and classified as problematic. This issue affects some unknown processing of the file I18nTags_body.php of the component Unlike Parser. The manipulation leads to cross site scripting. The attack may be initiated remotely. The...

4 CVSS · 6.3 AI score · 0.00245 EPSS
Exploits 0 · References 3

OSV
added 2023/01/05 8:15 a.m. · 12 views

CVE-2019-25097

A vulnerability was found in soerennb eXtplorer up to 2.1.12 and classified as critical. Affected by this issue is some unknown functionality of the component Directory Content Handler. The manipulation leads to path traversal. Upgrading to version 2.1.13 is able to address this issue. The name o...

9.8 CVSS · 6.9 AI score
Exploits 0 · References 4

NVD
added 2023/01/05 8:15 a.m. · 10 views

CVE-2019-25098

A vulnerability was found in soerennb eXtplorer up to 2.1.12. It has been classified as critical. This affects an unknown part of the file include/archive.php of the component Archive Handler. The manipulation leads to path traversal. Upgrading to version 2.1.13 is able to address this issue. The...

9.8 CVSS · 7.5 AI score · 0.00524 EPSS
Exploits 0 · References 4

Positive Technologies
added 2023/01/05 12:0 a.m. · 2 views

PT-2023-15885 · Unknown · Evolution Events Artaxerxes

Name of the Vulnerable Software and Affected Versions: Evolution Events Artaxerxes affected versions not specified
Description: A vulnerability was found in the component POST Parameter Handler, affecting unknown code of the file arta/common/middleware.py. The manipulation of the password argumen...

7.5 CVSS · 4.4 AI score · 0.00326 EPSS
Exploits 0 · References 8

OSV
added 2023/01/04 10:15 p.m. · 8 views

CVE-2021-4300

A vulnerability has been found in ghostlander Halcyon and classified as critical. Affected by this vulnerability is the function CBlock::AddToBlockIndex of the file src/main.cpp of the component Block Verification. The manipulation leads to improper access controls. The attack can be launched...

9.8 CVSS · 7 AI score
Exploits 0 · References 4

Prion
added 2023/01/04 10:15 p.m. · 12 views

Improper access control

A vulnerability has been found in ghostlander Halcyon and classified as critical. Affected by this vulnerability is the function CBlock::AddToBlockIndex of the file src/main.cpp of the component Block Verification. The manipulation leads to improper access controls. The attack can be launched...

7.5 CVSS · 9.5 AI score · 0.00427 EPSS
Exploits 0 · References 4 · Affected Software 1

Cvelist
added 2023/01/04 9:14 p.m. · 15 views

CVE-2021-4300 ghostlander Halcyon Block Verification main.cpp AddToBlockIndex access control

A vulnerability has been found in ghostlander Halcyon and classified as critical. Affected by this vulnerability is the function CBlock::AddToBlockIndex of the file src/main.cpp of the component Block Verification. The manipulation leads to improper access controls. The attack can be launched...

6.5 CVSS · 9.8 AI score · 0.00427 EPSS
Exploits 0 · References 4

OSV
added 2023/01/04 10:15 a.m. · 10 views

CVE-2019-25094

A vulnerability, which was classified as problematic, was found in innologi appointments Extension up to 2.0.5 on TYPO3. This affects an unknown part of the component Appointment Handler. The manipulation of the argument formfield leads to cross site scripting. It is possible to initiate the atta...

6.1 CVSS · 6.1 AI score
Exploits 0 · References 4

NVD
added 2023/01/02 8:15 a.m. · 12 views

CVE-2021-4299

A vulnerability classified as problematic was found in cronvel string-kit up to 0.12.7. This vulnerability affects the function naturalSort of the file lib/naturalSort.js. The manipulation leads to inefficient regular expression complexity. The attack can be initiated remotely. Upgrading to versi...

7.5 CVSS · 5.3 AI score · 0.00492 EPSS
Exploits 0 · References 4

Positive Technologies
added 2023/01/02 12:0 a.m. · 2 views

PT-2023-10103 · Unknown · Rails-Cv-App

Name of the Vulnerable Software and Affected Versions: rails-cv-app affected versions not specified
Description: A problematic issue has been found, affecting some unknown functionality of the file app/controllers/uploaded files controller.rb. The manipulation with the input ../../../etc/passwd...

7.5 CVSS · 4.5 AI score · 0.0022 EPSS
Exploits 0 · References 4

Prion
added 2023/01/01 9:15 a.m. · 15 views

Hardcoded credentials

A vulnerability, which was classified as critical, has been found in taoeffect Empress. Affected by this issue is some unknown functionality. The manipulation leads to use of hard-coded password. The patch is identified as 557e177d8a309d6f0f26de46efb38d43e000852d. It is recommended to apply a pat...

5.8 CVSS · 7.1 AI score · 0.00503 EPSS
Exploits 0 · References 4 · Affected Software 1