EUVD-2022-41523

Malicious code in bioql PyPI...

CVE-2022-38977

The HwAirlink module has a heap overflow vulnerability.Successful exploitation of this vulnerability may cause out-of-bounds writes, resulting in modification of sensitive data...

CVE-2023-29031

A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for successful exploitation...

CVE-2022-41271

An unauthenticated user can attach to an open interface exposed through JNDI by the Messaging System of SAP NetWeaver Process Integration PI - version 7.50. This user can make use of an open naming and directory API to access services that could perform unauthorized operations. The vulnerability...

CVE-2022-38977

The HwAirlink module has a heap overflow vulnerability.Successful exploitation of this vulnerability may cause out-of-bounds writes, resulting in modification of sensitive data...

CVE-2022-38977

The HwAirlink module has a heap overflow vulnerability.Successful exploitation of this vulnerability may cause out-of-bounds writes, resulting in modification of sensitive data...

CVE-2022-38977

The HwAirlink module has a heap overflow vulnerability.Successful exploitation of this vulnerability may cause out-of-bounds writes, resulting in modification of sensitive data...

CVE-2021-27474 Rockwell Automation FactoryTalk AssetCentre Use of Potentially Dangerous Function

Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier does not properly restrict all functions relating to IIS remoting services. This vulnerability may allow a remote, unauthenticated attacker to modify sensitive data in FactoryTalk AssetCentre...

Session fixation

The session management of the comment functionality in appleple a-blog cms 2.6.0.1 and earlier allows remote attackers to obtain or modify sensitive data via unspecified vectors...

AnnonceScriptHP 2.0 admin/admin_config/Aide.php email Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/21514/info AnnonceScriptHP is prone to multiple input-validation vulnerabilities, including SQL-injection and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting these...

HTB22917: XSS vulnerabilities in phpCollab

Vulnerability ID: HTB22917 Reference: http://www.htbridge.ch/advisory/xssvulnerabilitiesinphpcollab.html Product: phpCollab Vendor: phpCollab Team http://www.php-collab.org/ Vulnerable Version: 2.5 and probably prior versions Vendor Notification: 24 March 2011 Vulnerability Type: Stored XSS Cross...

Inout Webmail Script - Persistent Cross-Site Scripting

Name :inoutwebmail Persistent Xss Vulnerability Date : Dec,20 2010 Vendor Url :http://www.inoutscripts.com/ Author : Sid3^effects aKa HaRi Big hugs : Th3 RDX,Hananbutt, special thanks to : r0073r inj3ct0r.com,L0rd...

XSS vulnerability in WebPress

Vulnerability ID: HTB22478 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinwebpress.html Product: WebPress Vendor: YWP http://www.goywp.com/ Vulnerable Version: Current at 01.07.2010 and Probably Prior Versions Vendor Notification: 01 July 2010 Vulnerability Type: XSS Cross Site...

CVE-2002-0697

Microsoft Metadirectory Services MMS 2.2 allows remote attackers to bypass authentication and modify sensitive data by using an LDAP client to directly connect to MMS and bypass the checks for MMS credentials...

CVE-2000-0134

The Check It Out shopping cart application contains a vulnerability that allows remote attackers to modify sensitive purchase information via hidden form fields. Described across CVE-2000-0134 sources, this flaw enables unauthenticated remote access with partial confidentiality and integrity impa...