3242 matches found
Sql injection
Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the Section parameter at /staff/lab.php...
Sql injection
Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the Section parameter at /librarian/lab.php...
The vulnerability of the extractImageSection() function in the tools/tiffcrop.c component of the LibTIFF library allows a hacker to induce a service failure.
The vulnerability of the extractImageSection function in the tools/tiffcrop.c component of the LibTIFF library is related to buffer overflow in dynamic memory. Exploiting this vulnerability could allow a remote attacker to cause a service failure using a specially crafted file...
CVE-2022-36714
Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the Section parameter at /staff/lab.php...
CVE-2022-36713
Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the Section parameter at /librarian/lab.php...
CVE-2022-1663
The Stop Spam Comments WordPress plugin through 0.2.1.2 does not properly generate the Javascript access token for preventing abuse of comment section, allowing threat authors to easily collect the value and add it to the request...
Cross site request forgery (csrf)
The Stop Spam Comments WordPress plugin through 0.2.1.2 does not properly generate the Javascript access token for preventing abuse of comment section, allowing threat authors to easily collect the value and add it to the request...
CVE-2022-2953
LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 48d6ece8...
CVE-2022-1663 Stop Spam Comments <= 0.2.1.2 - Access Token Bypass
The Stop Spam Comments WordPress plugin through 0.2.1.2 does not properly generate the Javascript access token for preventing abuse of comment section, allowing threat authors to easily collect the value and add it to the request...
PT-2022-23576 · Unknown · Library Management System
Name of the Vulnerable Software and Affected Versions: Library Management System version 1.0 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the Section parameter at the "/librarian/lab.php" API endpoint. Recommendations: For Library...
Library Management System SQL注入漏洞
Library Management System is a library management system with QR code attendance and automatic library card generation by King Albaracin Personal Developer. A security vulnerability exists in Library Management System v1.0, which was discovered to contain an SQL injection vulnerability via the...
PT-2022-23577 · Unknown · Library Management System
Name of the Vulnerable Software and Affected Versions: Library Management System version 1.0 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the Section parameter at the "/staff/lab.php" API endpoint. Recommendations: For Library...
Simple Task Managing System SQL注入漏洞
Simple Task Managing System is a simple task management system for individual developers. Simple Task Managing System suffers from a SQL injection vulnerability that originates from an operation on the parameter login in an unknown section of its component /loginVaLidation.php, which can lead to ...
Stop Spam Comments <= 0.2.1.2 - Access Token Bypass
The plugin does not properly generate the Javascript access token for preventing abuse of comment section, allowing threat authors to easily collect the value and add it to the request. PoC Collect the name and value of ssckey for the target post and use it on the request. curl...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support, Red Hat Enterprise Linux 7.6 Telco Extended Update Support, and Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impac...
Important: Red Hat Security Advisory: thunderbird security update
An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...
Important: grafana security update
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: grafana: OAuth account takeover CVE-2022-31107 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...
Cross site scripting
DotNetNuke DNN 9.9.1 CMS is vulnerable to a Stored Cross-Site Scripting vulnerability in the user profile biography section which allows remote authenticated users to inject arbitrary code via a crafted payload...
CVE-2022-2491
A vulnerability has been found in SourceCodester Library Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file lab.php. The manipulation of the argument Section with the input 1' UNION ALL SELECT...
pandoc security update
An update for pandoc is now available for Rocky Linux 8. Rocky Enterprise Software Foundation Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...