CVE-2023-51246

A Cross Site Scripting XSS vulnerability in GetSimple CMS 3.3.16 exists when using Source Code Mode as a backend user to add articles via the /admin/edit.php page...

Cross site scripting

A Cross Site Scripting XSS vulnerability in GetSimple CMS 3.3.16 exists when using Source Code Mode as a backend user to add articles via the /admin/edit.php page...

CVE-2023-51246

A Cross Site Scripting XSS vulnerability in GetSimple CMS 3.3.16 exists when using Source Code Mode as a backend user to add articles via the /admin/edit.php page...

PT-2024-14078 · Unknown · Getsimple Cms

Name of the Vulnerable Software and Affected Versions: GetSimple CMS version 3.3.16 Description: A Cross Site Scripting XSS issue exists when using Source Code Mode as a backend user to add articles via the "/admin/edit.php" page. Recommendations: For GetSimple CMS version 3.3.16, consider...

CVE-2023-51246

A Cross Site Scripting XSS vulnerability in GetSimple CMS 3.3.16 exists when using Source Code Mode as a backend user to add articles via the /admin/edit.php page...

CVE-2023-51246

CVE-2023-51246 concerns GetSimple CMS 3.3.16 where an XSS exists when a backend user adds articles via /admin/edit.php with Source Code Mode active. The root cause is inadequate filtering/escaping of user-supplied data during article creation, leading to arbitrary script execution. Affected produ...

GitLab 0.0 < 14.2.6 / 14.3 < 14.3.4 / 14.4 < 14.4.1 (CVE-2021-42574)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via control sequences, which can be used to craft sourc...

Lot Reservation Management System 1.0 File Disclosure Vulnerability

Exploit Title: Lot Reservation Management System Unauthenticated File Disclosure Vulnerability Date: 10th December 2023 Exploit Author: Elijah Mandila Syoyi Vendor Homepage: https://www.sourcecodester.com/php/14530/lot-reservation-management-system-using-phpmysqli-source-code.html Software Link:...

Code Injection

gitlab:sid is vulnerable of code injection. The vulnerability due to compromise the source code and incorrectly neutralizes special elements in GitLab CE/EE. It leads to allow an attacker to modify the syntax or behavior of the intended code segment...

Blutter - Flutter Mobile Application Reverse Engineering Tool

Flutter Mobile Application Reverse Engineering Tool by Compiling Dart AOT Runtime Currently the application supports only Android libapp.so arm64 only. Also the application is currently work only against recent Dart versions. For high priority missing features, see TODO Environment Setup This...

Information Exposure

gitlab:sid is vulnerable to Information Exposure. The vulnerability due to read the source code of a project by using attackeraccesstoken and login to Victim account sets the Repository. It allows an attacker execute the malicious command with attacker account...

TikTok: Exploitable live argument in onClick Function leads to Data Leakage of Inactive/Suspended Products

The "Search Product" function in the TikTok Shop Seller API contained a vulnerability that allowed access to inactive or suspended products by manipulating the "live" parameter in the API request. The vulnerability was reported to the team and remediated...

CVE-2023-47704

IBM Security Guardium Key Lifecycle Manager 4.3 contains plain text hard-coded credentials or other secrets in source code repository. IBM X-Force ID: 271220...

CVE-2023-47704

IBM Security Guardium Key Lifecycle Manager 4.3 contains plain text hard-coded credentials or other secrets in source code repository. IBM X-Force ID: 271220...

Hardcoded credentials

IBM Security Guardium Key Lifecycle Manager 4.3 contains plain text hard-coded credentials or other secrets in source code repository. IBM X-Force ID: 271220...

CVE-2023-47704

CVE-2023-47704 affects IBM Security Guardium Key Lifecycle Manager, version 4.3. The issue is the presence of plain text hard-coded credentials or other secrets in the source code repository, causing potential confidentiality impact. Exploitation details are not provided in the connected document...

CVE-2023-43870

When installing the Net2 software a root certificate is installed into the trusted store. A potential hacker could access the installer batch file or reverse engineer the source code to gain access to the root certificate password. Using the root certificate and password they could then create...

CVE-2023-43870

When installing the Net2 software a root certificate is installed into the trusted store. A potential hacker could access the installer batch file or reverse engineer the source code to gain access to the root certificate password. Using the root certificate and password they could then create...

PT-2023-30577 · Ibm · Ibm Security Guardium Key Lifecycle Manager

Name of the Vulnerable Software and Affected Versions: IBM Security Guardium Key Lifecycle Manager version 4.2 IBM Security Guardium Key Lifecycle Manager version 4.3 Description: The issue concerns the presence of plain text hard-coded credentials or other secrets in the source code repository o...

Patching Perforce perforations: Critical RCE vulnerability discovered in Perforce Helix Core Server

Microsoft discovered, responsibly disclosed, and helped remediate four vulnerabilities that could be remotely exploited by unauthenticated attackers in Perforce Helix Core Server “Helix Core Server”, a source code management platform largely used in the videogame industry and by multiple...