12 matches found
EUVD-2023-49459
Malicious code in bioql PyPI...
EUVD-2023-55655
Malicious code in bioql PyPI...
CVE-2023-50924
CVE-2023-50924 affects the Engelsystem shift planning system. Prior to v3.4.1, it performed insufficient validation of user-supplied data in the DECT number, mobile number, and work-log comment fields. This allowed an authenticated user to inject JavaScript into other users’ sessions, with the in...
CVE-2023-45659
Engelsystem is a shift planning system for chaos events. If a user's password is compromised and an attacker gained access to the user's account, i.e., logged in and obtained a session, the attacker's session is not terminated if the user's account password is reset. This vulnerability has been fixe...
CVE-2023-45659
Engelsystem is affected by CVE-2023-45659, where if a user’s password is compromised and an attacker gains access to that user’s session, the attacker’s session is not terminated after the user’s password is reset. The issue has a fix committed in dbb089315ff3d, and users are advised to update th...
PT-2023-29633 · Unknown · Engelsystem
Name of the Vulnerable Software and Affected Versions: Engelsystem (affected versions not specified). Description: Engelsystem is a shift planning system for chaos events. If a user's password is compromised and an attacker gains access to the user's account, the attacker's session is not terminated...
LinkedIn Oncall Cross-Site Scripting Vulnerability
LinkedIn Oncall is a Python-based calendar planning and management platform from the US company LinkedIn. A security vulnerability exists in LinkedIn Oncall versions 1.4.0 and earlier, which stems from the mishandling of the "No results found"...
SQL Injection Vulnerability in Nine to Five Planning Website Building System (CNVD-2020-58479)
Nine to Five Planning is a branding service provider in Anhui province, by the founder of the Anhui enterprise brand research and development center. A SQL injection vulnerability exists in the Nine to Five Planning website builder system. An attacker can exploit the vulnerability to obtain sensitiv...
SQL Injection Vulnerability in Zhongshan Zhike Network Brand Planning Website Building System
Zhongshan Zhike Network Brand Planning is a company that mainly deals with website construction, software development, VI design, domain names, servers and other projects. The Zhongshan Zhike Network Brand Planning website building system has a SQL injection vulnerability, which can be exploited by...
CALDERA - Automated Adversary Emulation System
CALDERA is an automated adversary emulation system that performs post-compromise adversarial behavior within enterprise networks. It generates plans during operation using a planning system and a pre-configured adversary model based on the Adversarial Tactics, Techniques & Common Knowledge ATT&CK...
Automated Adversary Emulation System: CALDERA
CALDERA is an automated adversary emulation system that performs post-compromise adversarial behavior within enterprise networks. It generates plans during operation using a planning system and a pre-configured adversary model based on the Adversarial Tactics, Techniques & Common Knowledge ATT&CK...
Universal Password Login Vulnerability in ZYCH Free Planning Enterprise Website Management System
ZYCH Free Planner Enterprise Website Management System is an intelligent ASP website management program based on Free Planner Enterprise Website Management System. A universal password login vulnerability exists in the '/admin/login.asp' page of ZYCH Free Planning Enterprise Website Management...