69 matches found
Barco Control Room Management Suite <=2.9 Build 0275 - Local File Inclusion
Barco Control Room Management through Suite 2.9 Build 0275 is vulnerable to local file inclusion that could allow attackers to access sensitive information and components. Requests must begin with the "GET /...." substring. id: CVE-2022-26233 info: name: Barco Control Room Management Suite =2.9...
CVE-2022-26975
Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing log files without authentication...
CVE-2022-26977
Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a license file upload mechanism. Lack of input sanitization in the upload mechanism leads to stored XSS...
CVE-2022-26973
Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a license file upload mechanism. By tweaking the license file name, the returned error message exposes internal directory path details...
CVE-2022-26978
Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a URL /checklogin.jsp endpoint. The osusername parameter is not correctly sanitized, leading to reflected XSS...
EUVD-2017-1877
Malware in sbrugna...
EUVD-2019-12592
Malware in sbrugna...
EUVD-2022-31514
Malicious code in bioql PyPI...
EUVD-2022-31520
Malicious code in bioql PyPI...
EUVD-2022-31517
Malicious code in bioql PyPI...
EUVD-2022-31519
Malicious code in bioql PyPI...
EUVD-2022-31518
Malicious code in bioql PyPI...
EUVD-2022-31513
Malicious code in bioql PyPI...
CVE-2024-4314
The Hostel plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.5.3. This is due to missing or incorrect nonce validation when managing rooms. This makes it possible for unauthenticated attackers to create and delete rooms via a forged request...
CVE-2022-26972
Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a URL /cgi-bin endpoint. The URL parameters are not correctly sanitized, leading to reflected XSS...
CVE-2022-26971
Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a license file upload mechanism. This upload can be executed without authentication...
CVE-2022-26976
Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a license file upload mechanism. Lack of input sanitization in the upload mechanism leads to reflected XSS...
CVE-2019-2702
Vulnerability in the Oracle Hospitality Cruise Dining Room Management component of Oracle Hospitality Applications subcomponent: Web Service. The supported version that is affected is 8.0.80. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromi...
CVE-2025-24024 Mjolnir v1.9.0 accepts commands from any room
Mjolnir is a moderation tool for Matrix. Mjolnir v1.9.0 responds to management commands from any room the bot is a member of. This can allow users who aren't operators of the bot to use the bot's functions, including server administration components if enabled. Version 1.9.1 reverts the feature tha...
HotelDruid Security Breach
HotelDruid is a hotel management system by the Digitaldruid.net team. The system includes features such as room management, financial management and inventory management. A security vulnerability exists in HotelDruid 3.0.5 and earlier versions, which stems from a cross-site scripting XSS...