50 matches found
PT-2024-18424 · Sourcecodester · Sourcecodester Online Job Portal
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Job Portal version 1.0 Description: A vulnerability has been found in the Manage Job Page component, specifically in the file /Employer/ManageJob.php. The manipulation of the Qualification/Description argument leads to...
CVE-2023-50443
Encrypted disks created by PRIMX CRYHOD for Windows before Q.2020.4 ANSSI qualification submission or CRYHOD for Windows before 2023.5 can be modified by an unauthenticated attacker to include a UNC reference so that it could trigger outbound network traffic from computers on which disks are open...
CVE-2023-50439
ZED containers produced by PRIMX ZED! for Windows before Q.2020.3 ANSSI qualification submission, ZED! for Windows before Q.2021.2 ANSSI qualification submission, ZONECENTRAL for Windows before Q.2021.2 ANSSI qualification submission, ZONECENTRAL for Windows before 2023.5, or ZEDMAIL for Windows...
Design/Logic Flaw
Encrypted folders created by PRIMX ZONECENTRAL for Windows before Q.2021.2 ANSSI qualification submission or ZONECENTRAL for Windows before 2023.5 can be modified by an unauthenticated attacker to include a UNC reference so that it could trigger outbound network traffic from computers on which...
Design/Logic Flaw
By default, .ZED containers produced by PRIMX ZED! for Windows before Q.2020.3 ANSSI qualification submission; ZED! for Windows before Q.2021.2 ANSSI qualification submission; ZONECENTRAL for Windows before Q.2021.2 ANSSI qualification submission; ZONECENTRAL for Windows before 2023.5; ZEDMAIL fo...
CVE-2023-50439
ZED containers produced by PRIMX ZED! for Windows before Q.2020.3 ANSSI qualification submission, ZED! for Windows before Q.2021.2 ANSSI qualification submission, ZONECENTRAL for Windows before Q.2021.2 ANSSI qualification submission, ZONECENTRAL for Windows before 2023.5, or ZEDMAIL for Windows...
CVE-2023-50444
By default, .ZED containers produced by PRIMX ZED! for Windows before Q.2020.3 ANSSI qualification submission; ZED! for Windows before Q.2021.2 ANSSI qualification submission; ZONECENTRAL for Windows before Q.2021.2 ANSSI qualification submission; ZONECENTRAL for Windows before 2023.5; ZEDMAIL fo...
CVE-2023-50441
Encrypted folders created by PRIMX ZONECENTRAL for Windows before Q.2021.2 ANSSI qualification submission or ZONECENTRAL for Windows before 2023.5 can be modified by an unauthenticated attacker to include a UNC reference so that it could trigger outbound network traffic from computers on which...
CVE-2023-50444
CVE-2023-50444 affects PRIMX ZED! and related products where default containers include an encrypted version of sensitive user information. According to the sources, affected items include: ZED! for Windows before Q.2020.3; ZED! for Windows before Q.2021.2; ZONECENTRAL for Windows before Q.2021.2...
CVE-2023-50443
CVE-2023-50443 affects PRIMX CRYHOD for Windows (versions prior to Q.2020.4 and prior to 2023.5). Root cause: an unauthenticated attacker can modify encrypted disks to inject a UNC reference, causing the host to initiate outbound network traffic when such disks are opened. Impact is outbound traf...
CVE-2023-50439
The CVE-2023-50439 entry concerns PRIMX ZED! and ZONECENTRAL/ZEDMAIL on Windows. Affected versions disclose the original path in which containers were created, allowing an unauthenticated attacker to obtain contextual information (e.g., project name). Specifically, ZED! for Windows before Q.2020....
Moodle multiple cross-site scripting (XSS) vulnerabilities
Multiple cross-site scripting XSS vulnerabilities in the advanced-grading implementation in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted 1...
Reflecting on Women’s History Month at Rapid7
During Women’s History Month, we invited some of our team members to share their best advice for other women in technology, celebrate their strengths, and reflect on how they’ve challenged convention within their roles and built their networks. What is the best advice that someone has given you i...
qualification.directory Improper Access Control vulnerability OBB-2388852
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Qualifying Encoders with Akamai
Introduction The encoder qualification program was created to improve the process for vendors that wish to align themselves with Akamai network specific requirements. It is also intended to , mitigate the risk of encoder issues before using in production. A formal process is being introduced to...
CVE-2019-7312
Limited plaintext disclosure exists in PRIMX Zed Entreprise for Windows before 6.1.2240, Zed Entreprise for Windows ANSSI qualification submission before 6.1.2150, Zed Entreprise for Mac before 2.0.199, Zed Entreprise for Linux before 2.0.199, Zed Pro for Windows before 1.0.195, Zed Pro for Mac...
DEBIAN-CVE-2018-18701
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions nextistypequal and cplusdemangletype in cp-demangle.c. Remote attackers could leverage this vulnerability t...
CVE-2017-14751
The Intense WP "WP Jobs" plugin 1.5 for WordPress has XSS, related to the Job Qualification field...
CVE-2017-14751
The Intense WP "WP Jobs" plugin 1.5 for WordPress has XSS, related to the Job Qualification field...
CVE-2017-14751
The Intense WP "WP Jobs" plugin 1.5 for WordPress has XSS, related to the Job Qualification field...