1548 matches found
Security update for python-tornado
This update for python-tornado fixes the following issue: CVE-2025-67724: missing validation of the supplied reason phrase bsc1254903. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run...
SUSE-SU-2026:0838-1 Security update for python-tornado
This update for python-tornado fixes the following issue: - CVE-2025-67724: missing validation of the supplied reason phrase bsc1254903...
A Bootiful Podcast - John Willis, author of 'Rebels of Reason'
Hi Spring fans! In this installment I sit down with DevOps legend and industry analyst extraordinaire John Willis and talk about his new book Rebels of Reason: The Long Road from Aristotle to ChatGPT and AI's Heroes Who Kept the Faith , and talk about the nature of the ecosystem, AI, the role of...
SQL Injection
Overview dolibarr/dolibarr is a modern and easy to use web software to manage your business. Affected versions of this package are vulnerable to SQL Injection via the POST parameters such as actioncode, demandreasonid, and availabilityid. PoC Dolibarr ERP/CRM 10.0.1 contains multiple SQL injectio...
CVE-2019-25450
Dolibarr ERP/CRM 10.0.1 contains multiple SQL injection vulnerabilities that allow authenticated attackers to manipulate database queries by injecting SQL code through POST parameters. Attackers can inject malicious SQL through parameters like actioncode, demandreasonid, and availabilityid in...
CVE-2019-18968
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none...
PT-2026-20433
Name of the Vulnerable Software and Affected Versions Jenkins versions 2.483 through 2.550 Jenkins LTS versions 2.492.1 through 2.541.1 Description The application does not properly sanitize user-supplied data within the description field of the "Mark temporarily offline" functionality. This can...
CVE-2026-25612
The internal locking mechanism of the MongoDB server uses an internal encoding of the resources in order to choose what lock to take. Collections may inadvertently collide with one another in this representation causing unavailability between them due to conflicting locks...
CVE-2026-2201
A security vulnerability has been detected in ZeroWdd studentmanager up to 2151560fc0a50ec00426785ec1e01a3763b380d9. This impacts the function addLeave of the file src/main/java/com/wdd/studentmanager/controller/LeaveController.java. The manipulation of the argument Reason for Leave leads to cros...
CVE-2026-2201
A security vulnerability has been detected in ZeroWdd studentmanager up to 2151560fc0a50ec00426785ec1e01a3763b380d9. This impacts the function addLeave of the file src/main/java/com/wdd/studentmanager/controller/LeaveController.java. The manipulation of the argument Reason for Leave leads to cros...
CVE-2026-2201
A security vulnerability has been detected in ZeroWdd studentmanager up to 2151560fc0a50ec00426785ec1e01a3763b380d9. This impacts the function addLeave of the file src/main/java/com/wdd/studentmanager/controller/LeaveController.java. The manipulation of the argument Reason for Leave leads to cros...
CVE-2026-2201
CVE-2026-2201 affects ZeroWdd studentmanager. The flaw is in LeaveController.addLeave where manipulating the Reason for Leave parameter triggers cross-site scripting. Attack may be remote; exploit disclosed publicly. No specific affected version information is provided; project has not been activ...
CVE-2026-2201
A security vulnerability has been detected in ZeroWdd studentmanager up to 2151560fc0a50ec00426785ec1e01a3763b380d9. This impacts the function addLeave of the file src/main/java/com/wdd/studentmanager/controller/LeaveController.java. The manipulation of the argument Reason for Leave leads to cros...
CVE-2026-2201 ZeroWdd studentmanager LeaveController.java addLeave cross site scripting
A security vulnerability has been detected in ZeroWdd studentmanager up to 2151560fc0a50ec00426785ec1e01a3763b380d9. This impacts the function addLeave of the file src/main/java/com/wdd/studentmanager/controller/LeaveController.java. The manipulation of the argument Reason for Leave leads to cros...
StudentManager 代码注入漏洞
StudentManager is a student management system developed by huanfenz’s individual developer. StudentManager has a code injection vulnerability, which stems from incorrect handling of the parameter Reason for Leave in the file src/main/java/com/wdd/studentmanager/controller/LeaveController.java. Th...
CVE-2021-47905
MyBB Delete Account Plugin 1.4 contains a cross-site scripting vulnerability in the account deletion reason input field. Attackers can inject malicious scripts that will execute in the admin interface when viewing delete account reasons...
CVE-2021-47905 MyBB Delete Account Plugin 1.4 - Cross-Site Scripting
MyBB Delete Account Plugin 1.4 contains a cross-site scripting vulnerability in the account deletion reason input field. Attackers can inject malicious scripts that will execute in the admin interface when viewing delete account reasons...
CVE-2021-47905
CVE-2021-47905 concerns the MyBB Delete Account Plugin (v1.4) with a stored/reflected-like cross-site scripting flaw in the account deletion reason input field. The vulnerability allows an attacker to inject malicious scripts that can execute in the admin interface when viewing delete account rea...
CVE-2021-47905 MyBB Delete Account Plugin 1.4 - Cross-Site Scripting
MyBB Delete Account Plugin 1.4 contains a cross-site scripting vulnerability in the account deletion reason input field. Attackers can inject malicious scripts that will execute in the admin interface when viewing delete account reasons...
CVE-2021-47905
MyBB Delete Account Plugin 1.4 contains a cross-site scripting vulnerability in the account deletion reason input field. Attackers can inject malicious scripts that will execute in the admin interface when viewing delete account reasons...