2155 matches found
PT-2023-20810 · Ecshop · Ecshop
Name of the Vulnerable Software and Affected Versions: EcShop version 4.1.5 Description: An arbitrary file upload issue in the /admin/template.php component allows attackers to execute arbitrary code via a crafted PHP file. Recommendations: For EcShop version 4.1.5, consider disabling the...
PT-2023-19757 · Pmb · Pmb
Name of the Vulnerable Software and Affected Versions: PMB version 7.4.6 Description: A reflected cross-site scripting XSS issue was found in PMB via the query parameter at "/admin/convert/export z3950 new.php". This allows for potential XSS attacks. Recommendations: For PMB version 7.4.6, consid...
PT-2023-20057 · Unknown · Online Reviewer Management System
Name of the Vulnerable Software and Affected Versions: Online Reviewer Management System version 1.0 Description: An issue was discovered in the Online Reviewer Management System, where there is a XSS vulnerability. This vulnerability can be exploited via the reviewer...
PT-2023-21045 · Unknown · Mattermost
Name of the Vulnerable Software and Affected Versions: Mattermost affected versions not specified Description: The issue concerns the /api/v4/users/me/teams API endpoint, where Mattermost fails to honor the ShowEmailAddress setting. This allows an attacker with team admin privileges to obtain the...
PT-2023-16717 · Techpowerup · Techpowerup Ryzen Dram Calculator
Name of the Vulnerable Software and Affected Versions: TechPowerUp Ryzen DRAM Calculator version 1.2.0.5 Description: A critical issue has been found in the library WinRing0x64.sys, affecting some unknown processing. The manipulation leads to improper initialization, requiring local access to...
PT-2023-16686 · Vox2Png · Vox2Png
Name of the Vulnerable Software and Affected Versions: vox2png version 1.0 Description: A critical vulnerability was found in vox2png, affecting an unknown functionality of the file vox2png.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit ha...
PT-2023-16669 · Sourcecodester · Sourcecodester Online Pizza Ordering System
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Pizza Ordering System version 1.0 Description: A problematic issue has been found in the processing of the file "admin/ajax.php?action=save user", leading to cross-site request forgery. The attack can be initiated...
PT-2023-5754 · Watchguard +1 · Watchguard Epdr +1
Name of the Vulnerable Software and Affected Versions: WatchGuard EPDR version 8.0.21.0002 Description: The issue is related to insufficient access control in the Protection Agent component of WatchGuard Endpoint Protection, Detection and Response EPDR and Panda Adaptive Defense 360 Panda AD360...
PT-2023-20924 · Tenda · Tenda V15
Name of the Vulnerable Software and Affected Versions: Tenda V15 version V1.0 Description: A buffer overflow issue was discovered via the gotoUrl parameter in the formPortalAuth function, allowing attackers to cause a Denial of Service DoS via a crafted request. Recommendations: For Tenda V15...
PT-2023-16612 · Sourcecodester · Sourcecodester Online Pizza Ordering System
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Pizza Ordering System version 1.0 Description: A critical issue has been found in the GET Parameter Handler component of the view prod.php file, where the manipulation of the ID argument leads to sql injection. This issu...
PT-2023-16590 · Phjounin · Tftpd64-Se
Name of the Vulnerable Software and Affected Versions: phjounin TFTPD64-SE version 4.64 Description: A critical issue affects the processing of the file tftpd64 svc.exe, leading to an unquoted search path. The manipulation can be exploited locally, with a rather high complexity of attack and...
PT-2023-16525 · Sourcecodester · Sourcecodester Best Online News Portal
Name of the Vulnerable Software and Affected Versions: SourceCodester Best Online News Portal version 1.0 Description: A critical issue has been found in the Login Page component, where the manipulation of the username argument leads to SQL injection. This can be exploited remotely...
PT-2025-6093 · Tenda · Tenda W18E
Name of the Vulnerable Software and Affected Versions: Tenda W18E version V16.01.0.81625 Description: A stack overflow vulnerability in the Tenda W18E web management portal allows an authenticated remote attacker to cause a denial of service or potentially execute arbitrary code. This issue occur...
PT-2023-2478 · Aten · Aten Pe8108
Name of the Vulnerable Software and Affected Versions: Aten PE8108 version 2.4.232 Description: The issue is related to insufficient protection of registration data in the web interface of the Aten PE8108 power distribution unit PDU software. This allows for unauthenticated access to Telnet and...
PT-2023-1349 · Delta Electronics · Diascreen
Name of the Vulnerable Software and Affected Versions: Delta Electronics DIAScreen versions 1.2.1.23 and prior Description: The issue is related to a buffer overflow in memory due to improper restrictions of operations. This could allow an attacker to remotely execute arbitrary code...
PT-2023-16366 · Unknown · Phpgurukul Bank Locker Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Bank Locker Management System version 1.0 Description: A critical issue affects the Login component of the PHPGurukul Bank Locker Management System, specifically the file index.php. The manipulation of the username argument leads t...
PT-2023-14377 · Ibm · Ibm Business Automation Workflow
Name of the Vulnerable Software and Affected Versions: IBM Business Automation Workflow version 22.0.2 Description: The issue allows a remote attacker to traverse directories on the system by sending a specially crafted URL request containing dot dot sequences /../ to view arbitrary files on the...
PT-2023-12788 · Puppet · Puppet-Facter
Name of the Vulnerable Software and Affected Versions: puppet-facter versions all Description: The issue is related to Command Injection via the getFact function due to improper input sanitization. This allows for potential exploitation. No information is provided about the estimated number of...
PT-2023-15119 · Sonic · Sonic
Name of the Vulnerable Software and Affected Versions: Sonic version 1.0.4 Description: The issue allows attackers to execute a directory traversal in the component /admin/backups/work-dir. This enables attackers to access files or directories outside the intended directory structure...
PT-2023-13550 · Unknown · Jetnexus/Edgenexus Adc
Name of the Vulnerable Software and Affected Versions: JetNexus/EdgeNexus ADC version 4.2.8 Description: The management portal component of the software contains a command injection issue, allowing authenticated attackers to execute arbitrary commands through a specially crafted payload. This iss...