111 matches found
Jason Summers deark number error vulnerability
Jason Summers deark is a Jason Summers open source application. A command line utility that can decode certain types of files. A numeric error vulnerability exists in versions prior to Jason Summers Deark v1.5.8, which can be exploited by an attacker to cause a divide-by-zero error via a speciall...
pczupil X2CRM Cross-Site Scripting Vulnerability
pczupil X2CRM is a pczupil open source application. A next generation open source social selling application for small and medium sized businesses. X2CRM v7.1 suffers from a cross-site scripting vulnerability that can be exploited to obtain sensitive information by injecting arbitrary web script ...
Unspecified vulnerability in Andrey Sitnik postcss
Andrey Sitnik postcss is an open source application by Andrey Sitnik: a tool for transforming styles with JS plugins. Andrey Sitnik postcss versions from 7.0.0 and before 8.2.10 have a security vulnerability that can be exploited by attackers to cause a denial of service...
X2CRM Cross-Site Scripting Vulnerability
pczupil X2CRM is a pczupil open source application. A next generation open source social selling application for small and medium sized businesses. X2CRM v7.1 suffers from a cross-site scripting vulnerability that can be exploited to obtain sensitive information by injecting arbitrary web script ...
Unspecified vulnerability in Firefox unity-firefox-extension
Firefox unity-firefox-extension is an open source application plug-in for Firefox. A security vulnerability exists in Firefox unity-firefox-extension that originates from sending an empty unity-firefox-extension package, which completely disables the extension and invalidates attacks against the libu...
Directusv8 Code Issues Vulnerabilities
Directusv8 is an open source application system from GlobalDirectusv8 that provides a CMS website builder. A security vulnerability exists in versions prior to Directus 8 8.8.2, which can be exploited by attackers to execute arbitrary code...
Terrafrost phpseclib data forgery issue vulnerability
Terrafrost phpseclib is a Terrafrost open source application: an MIT-licensed pure PHP implementation. A data forgery issue vulnerability exists in Terrafrost phpseclib versions prior to 2.0.31 and 3.x series versions prior to 3.0.7, which stems from incorrectly handling the RSA PKCS. No detail...
Elastic EpiServer Find Arbitrary Redirection Vulnerability
Elastic EpiServer Find is an open source application from Elastic. A search engine that enables developers to build great search experiences on websites, intranets and almost any type of system with text content. An arbitrary redirection vulnerability in EpiServer Find versions prior to 13.2.7 c...
Progi1984 ps_emailsubscription Cross-Site Scripting Vulnerability
Progi1984 ps_emailsubscription is an open source application by Progi1984. It provides an e-mail form. A security vulnerability exists in ps_emailsubscription that stems from the ability to inject JavaScript into the newsletter conditional field...
Unspecified vulnerability in oria gridx
sheila1227 gridx is an open source application by sheila1227: a fast-rendering Grid with a well-modularized, plug-in based architecture. oria gridx 1.3 has a security vulnerability that a remote attacker can exploit to execute arbitrary code through a carefully set value of the $query parameter...
MarkAny MaEPSBroker Command Injection Vulnerability
MarkAny MaEPSBroker is a MarkAny open source application. It adds a registry entry for the current user, which allows the program to start automatically on every reboot. A command injection vulnerability exists in MaEPSBroker 2.5.0.31 and earlier versions, which stems from a command injection...
qianjunakasumi kongchuanhujiao Authorization Issue Vulnerability
qianjunakasumi kongchuanhujiao is an open source application by qianjunakasumi: an online teaching, quiz statistics and deep learning analytics system. A security vulnerability exists in github.com/kongchuanhujiao/server before version 1.3.21, which stems from an authentication bypass...
GitLab server-side request forgery vulnerability (CNVD-2021-26069)
GitLab is an open source application developed using Ruby on Rails that implements a self-hosted Git project repository that can be accessed through a web interface for public and private projects. A server-side request forgery vulnerability exists in GitLab, which can be exploited to conduct...
Unspecified vulnerability in vscode-swiftformat (CNVD-2021-29562)
vscode-swiftformat is an open source application. Automatically organize Swift code through SwiftFormat. A security vulnerability exists in vscode-swiftformat versions prior to 2.12.1, which can be exploited by attackers to execute arbitrary code...
Sauwming pjproject Security Vulnerability
Sauwming pjproject is a Sauwming open source application. It combines the signaling protocol SIP with a rich multimedia framework and NAT traversal capabilities into a portable, high-level API for almost all types of systems, from desktops and embedded systems to cell phones. A security...
Nextcloud Access Control Error Vulnerability
Nextcloud is an open source, self-hosted file synchronization, sharing and communication application platform from Nextcloud, Germany. A security vulnerability exists in versions prior to Nextcloud 20.0.6, which stems from a missing user check inadvertently populating another user's external...
Sourcecodester Web Based Quiz System Cross-Site Scripting Vulnerability
Sourcecodester Web Based Quiz System is an open source application by Sourcecodester, used for a simple online based project. Sourcecodester Web Based Quiz System 1.0 suffers from a cross-site scripting vulnerability that can be exploited by attackers to inject malicious JavaScript code...
Sourcecodesterk Doctor Appointment System SQL Injection Vulnerability
Sourcecodesterk Doctor Appointment System is a Sourcecodesterk open source application. It provides an appointment function. Doctor Appointment System version 1.0 suffers from an SQL injection vulnerability that originates from a remote blind SQL injection vulnerability in the name and email...
Scytl sVote Trust Management Issue Vulnerability
Scytl sVote is an open source application from Scytl, Spain. It lets voters vote online. A security vulnerability exists in Scytl sVote 2.1, which can be exploited by an attacker to access OrientDB by providing admin as the administrator password...
CloudBees Jenkins Claim Plugin Cross-Site Scripting Vulnerability
Jenkins Claim is an open source application plugin for Jenkins. It lets users declare failed builds and tests from Jenkins to show that they are responsible for fixing them. A cross-site script execution vulnerability exists in Jenkins Claim Plugin version 2.18.1 and earlier. The vulnerabili...