2674 matches found
DEBIAN-CVE-2023-47430
Stack-buffer-overflow vulnerability in ReadyMedia MiniDLNA v1.3.3 allows attackers to cause a denial of service via the SendContainer function at tivocommands.c...
UBUNTU-CVE-2023-47430
Stack-buffer-overflow vulnerability in ReadyMedia MiniDLNA v1.3.3 allows attackers to cause a denial of service via the SendContainer function at tivocommands.c...
CVE-2024-2585
Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/book/main/selectsend2.php, in the 'sdindex' parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB...
AMSS++ SQL Injection Vulnerability
AMSS++ is a tool for the office management support system of Amssplus. An SQL injection vulnerability exists in AMSS++ version 4.31, which stems from an SQL injection vulnerability in the sdindex parameter of the /amssplus/modules/book/main/selectsend2.php page...
PT-2024-21243 · Amss++ · Amss++
Name of the Vulnerable Software and Affected Versions: AMSS++ version 4.31. Description: The issue is related to insufficient encoding of user-controlled input, resulting in a Cross-Site Scripting (XSS) vulnerability through the "/amssplus/modules/mail/main/selectsend.php" endpoint, in multiple...
PT-2024-21254 · Amss++ · Amss++
Name of the Vulnerable Software and Affected Versions: AMSS++ version 4.31. Description: The issue is related to insufficient encoding of user-controlled input, resulting in a Cross-Site Scripting (XSS) vulnerability through the /amssplus/modules/book/main/selectsend2.php endpoint, in multiple...
AMSS++ Cross-Site Scripting Vulnerability
AMSS++ is a tool for the office management support system of Amssplus. A cross-site scripting vulnerability exists in AMSS++ version 4.31, which stems from a cross-site scripting vulnerability in multiple parameters on the /amssplus/modules/mail/main/selectsend.php page...
CVE-2024-2561
A vulnerability, which was classified as critical, has been found in 74CMS 3.28.0. Affected by this issue is the function sendCompanyLogo of the file /controller/company/Index.php#sendCompanyLogo of the component Company Logo Handler. The manipulation of the argument imgBase64 leads to unrestricte...
74CMS Security Vulnerability
74CMS is an online recruitment system based on PHP and MySQL. A file upload vulnerability exists in version 3.28.0 of 74CMS, which stems from the lack of valid validation of the uploaded file by imgBase64, a parameter of the function sendCompanyLogo in file /controller/company/Index.php. The...
Whoogle Search Cross-site Scripting vulnerability
Whoogle Search is a self-hosted metasearch engine. In versions 0.8.3 and prior, the element method in app/routes.py does not validate the user-controlled srctype and elementurl variables and passes them to the send method which sends a GET request on lines 339-343 in requests.py. The returned...
GHSA-3Q6G-QMPX-RQW4 Whoogle Search Server-Side Request Forgery vulnerability
Whoogle Search is a self-hosted metasearch engine. In versions 0.8.3 and prior, the window endpoint does not sanitize user-supplied input from the location variable and passes it to the send method which sends a GET request on lines 339-343 in request.py, which leads to a server-side request...
FreeScout Log Information Disclosure Vulnerability
FreeScout is an ultra-lightweight and powerful free open source helpdesk and shared inbox built using PHP Laravel framework. A log message disclosure vulnerability exists in FreeScout versions prior to 1.8.124, which stems from a log message disclosure vulnerability in the component...
PT-2024-21761 · Google · Android
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a possible null pointer dereference in the ss_SendCallBarringPwdRequiredIndMsg function of ss_CallBarring.c due to a missing nul...
Apple macOS Sonoma Security Vulnerability
Apple macOS Sonoma is a desktop operating system by Apple Inc. A security vulnerability exists in Apple macOS Sonoma version 14.4, which stems from a third-party shortcut that may use a legacy action in Automator to send events to an application without the user's consent...
BIT-PHPLIST-2020-23208
A stored cross-site scripting (XSS) vulnerability in phplist 3.5.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Send test" field under the "Start or continue campaign" module...
CVE-2024-25847
SQL Injection vulnerability in MyPrestaModules "Product Catalog CSV, Excel Import" simpleimportproduct modules for PrestaShop versions 6.5.0 and before, allows attackers to escalate privileges and obtain sensitive information via Send::construct and importProducts::addDataToDb methods...
PT-2024-21159 · Unknown +1 · Prestashop +1
Name of the Vulnerable Software and Affected Versions: PrestaShop versions prior to 6.5.0. Description: The issue allows attackers to escalate privileges and obtain sensitive information via Send::construct and importProducts::addDataToDb methods. This is a SQL Injection vulnerability in...
DEBIAN-CVE-2023-52527
In the Linux kernel, the following vulnerability has been resolved: ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data() Including the transhdrlen in length is a problem when the packet is partially filled (e.g. something like send(MSG_MORE) happened previously) when appending to an IPv4 or IPv6...
CVE-2023-52523
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Reject sk_msg egress redirects to non-TCP sockets With a SOCKMAP/SOCKHASH map and an sk_msg program user can steer messages sent from one TCP socket (s1) to actually egress from another TCP socket (s2): tcp_bpf_sendmsg(s1) //...