10 matches found
EUVD-2021-1993
Malware in sbrugna...
EUVD-2021-21881
Malware in sbrugna...
CVE-2025-7935
A vulnerability, which was classified as critical, was found in fuyanglipengjun platform up to ca9aceff6902feb7b0b6bf510842aea88430796a. Affected is the function SysLogController of the file platform-admin/src/main/java/com/platform/controller/SysLogController.java. The manipulation of the argume...
eZ Platform Admin UI is vulnerable to Cross-site Scripting (XSS)
There is an XSS vulnerability in CKEditor, which is used by AlloyEditor, which is used in eZ Platform Admin UI. Scripts can be injected through specially crafted "protected" comments. We are not sure it is exploitable in eZ Platform, but recommend installing it to be on the safe side. It is fixed...
CVE-2022-27421
Chamilo LMS v1.11.13 lacks validation on the user modification form, allowing attackers to escalate privileges to Platform Admin...
CVE-2022-27421
Chamilo LMS v1.11.13 lacks validation on the user modification form, allowing attackers to escalate privileges to Platform Admin...
Design/Logic Flaw
Chamilo LMS v1.11.13 lacks validation on the user modification form, allowing attackers to escalate privileges to Platform Admin...
CVE-2022-27421
CVE-2022-27421 affects Chamilo LMS v1.11.13. The issue is a lack of validation on the user modification form, which allows an attacker to escalate privileges to Platform Admin. Affected component is the user modification flow; root cause is insufficient input validation. Impact per sources: privi...
CVE-2021-35238
User with Orion Platform Admin Rights could store XSS through URL POST parameter in CreateExternalWebsite website...
CVE-2021-35238
User with Orion Platform Admin Rights could store XSS through URL POST parameter in CreateExternalWebsite website...