Moderate: rpm security update
The RPM Package Manager (RPM) is a command-line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Security Fixes: rpm: RPM does not require subkeys to have a valid binding signature (CVE-2021-3521). For more details about the...
Cross-site Scripting (XSS)
Overview: s-cart/core is a free Laravel e-commerce for business. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in the Admin section. It has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie. Details...
Cross-site Scripting (XSS)
Overview: Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in the Admin section. It has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie. Details: Cross-site scripting (XSS) is a code vulnerability that...
Crazy Bone <= 0.6.0 - Unauthenticated Stored XSS
The plugin does not sanitise and escape the username submitted via the login form when displaying it back in the log dashboard, leading to an unauthenticated Stored Cross-Site Scripting. PoC: curl 'https://example.com/wp-login.php' --data-raw 'log=a=x&wp-submit=Log+In' The XSS will be triggered in...
GHSA-4RMR-C2JX-VX27 Mustache remote code injection vulnerability
In Mustache.php v2.0.0 through v2.14.0, the Sections tag can lead to arbitrary PHP code execution even if strict_callables is true when the section value is controllable...
Important: Red Hat Security Advisory: kpatch-patch security update
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...
PT-2022-13104 · Mustache +1
Name of the Vulnerable Software and Affected Versions: mustache/mustache versions 2.0.0 through 2.14.0. Description: The issue is related to the improper neutralization of special elements used in a template engine. This can lead to arbitrary PHP code execution, even when strict callables is set t...
Moderate: Red Hat Security Advisory: Red Hat build of Eclipse Vert.x 4.1.8 security update
An update is now available for Red Hat build of Eclipse Vert.x. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more...
Moderate: Red Hat Security Advisory: Red Hat Data Grid 8.2.3 security update
An update for Red Hat Data Grid is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...
CVE-2021-46072
A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service List Section in login panel...
CVE-2021-46069
A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Mechanic List Section in login panel...
CVE-2021-45744
A Stored Cross Site Scripting (XSS) vulnerability exists in bludit 3.13.1 via the TAGS section in login panel...
CVE-2021-46071
A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Category List Section in login panel...
CVE-2021-46070
A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service Requests Section in login panel...
CVE-2021-46074
A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the Settings Section in login panel...
CVE-2021-46068
A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the My Account Section in login panel...
Cross site scripting
A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the Settings Section in login panel...