1013 matches found
User can call liquidate() and steal all collateral due to arbitrary router call
Vulnerability details. Impact: A malicious user is able to steal all collateral of an unhealthy position in PARMinerV2.sol. The code for the liquidate function is written so that the following steps are followed: (1) User calls PARMinerV2.liquidate; (2) PARMinerV2 performs the liquidation with...
Possible to steal collateral during a reentrant collateral transfer
Vulnerability details. Impact: In NFTPair.sol218 an ERC-721 transfer occurs. Anyone who gains execution during this transfer after the owner of the token is changed can steal the token transferred. Note that it will be applicable only if !skim. Since the exploit makes assumptions abou...
CVE-2022-28012
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\positiondelete.php...
CVE-2022-28020
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\positionedit.php...
SQL injection
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\positionedit.php...
CVE-2022-28012
CVE-2022-28012 affects Attendance and Payroll System v1.0 (PHP/MySQLi). The vulnerability is a SQL injection in the component admin\position_delete.php caused by lack of input validation, allowing attackers to execute arbitrary SQL and potentially access/steal sensitive data. No exploitation deta...
Exploit for Cross-site Scripting in Jqueryui Jquery_Ui
Exploit-Medium-CVE-2021-41184 Exploit Medium CVE-2021-41184 X...
Omron CX-One CX-Position NCI File Parsing Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Omron CX-One. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of NCI...
Omron CX-One CX-Position NCI File Parsing Memory Corruption Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Omron CX-One. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of NCI...
Omron CX-One CX-Position NCI File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Omron CX-One. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of NCI...
CVE-2022-25959
Omron CX-Position versions 2.5.3 and prior are vulnerable to memory corruption while processing a specific project file, which may allow an attacker to execute arbitrary code...
CVE-2022-26022
Omron CX-Position versions 2.5.3 and prior are vulnerable to an out-of-bounds write while processing a specific project file, which may allow an attacker to execute arbitrary code...
CVE-2022-26417
Omron CX-Position versions 2.5.3 and prior are vulnerable to a use-after-free memory condition while processing a specific project file, which may allow an attacker to execute arbitrary code...
CVE-2022-26419
Omron CX-Position versions 2.5.3 and prior are vulnerable to multiple stack-based buffer overflow conditions while parsing a specific project file, which may allow an attacker to locally execute arbitrary code...