11 matches found
CVE-2013-10075 Apache::Session versions through 1.94 for Perl re-creates deleted sessions
Apache::Session versions through 1.94 for Perl re-creates deleted sessions. The session stores Apache::Session::Store::File and Apache::Session::Store::DBFile will create a session that does not exist. This can lead to sessions being revived, potentially with data that was to be deleted...
CVE-2025-13421
A security vulnerability has been detected in itsourcecode Human Resource Management System 1.0. Impacted is an unknown function of the file /src/store/NoticeStore.php. Such manipulation of the argument noticeDesc leads to sql injection. The attack can be launched remotely. The exploit has been...
CVE-2025-13420
A weakness has been identified in itsourcecode Human Resource Management System 1.0. This issue affects some unknown processing of the file /src/store/EventStore.php. This manipulation of the argument eventSubject causes sql injection. The attack can be initiated remotely. The exploit has been ma...
CVE-2025-13421
The CVE-2025-13421 entry concerns itsourcecode Human Resource Management System 1.0. A SQL injection vulnerability exists in an unknown function of /src/store/NoticeStore.php where manipulating the noticeDesc argument can compromise the database. The issue is exploitable remotely and has been pub...
Directory Traversal
Overview: kwik is a fast, batteries-included, business-oriented, opinionated REST APIs framework. Affected versions of this package are vulnerable to Directory Traversal via the kwik.utils.files.storefile function due to improper validation of directory containment in the file upload helper, which...
PT-2024-17763 · Emlog Pro · Emlog Pro
Name of the Vulnerable Software and Affected Versions: Emlog Pro versions up to 2.4.1. Description: A problematic vulnerability has been found in Emlog Pro, affecting an unknown function of the file /admin/store.php. The manipulation of the argument tag leads to cross site scripting. It is possibl...
niushop b2b2c SQL Injection Vulnerability
Niushop niushop b2b2c is an open-source PHP multi-tenant e-commerce system from China's NiuKu Information Technology Niushop company. niushop b2b2c V5 has a SQL injection vulnerability that stems from /app/api/controller/Store.php, allowing a...
PT-2023-26350 · Unknown · Bug Finder Sass Biller
Name of the Vulnerable Software and Affected Versions: Bug Finder SASS BILLER version 1.0. Description: A problematic issue affects some unknown processing of the file /company/store. The manipulation of the name argument leads to cross-site scripting. The attack may be initiated remotely. The...
PT-2023-25006 · Rocketsoft · Rocket Lms
Name of the Vulnerable Software and Affected Versions: RocketSoft Rocket LMS version 1.7. Description: A vulnerability was found in the Contact Form component, specifically affecting the /contact/store file. The manipulation of the name, subject, or message arguments leads to cross-site scripting...
CVE-2016-1776
Web Server in Apple OS X Server before 5.1 does not properly restrict access to .DS_Store and .htaccess files, which allows remote attackers to obtain sensitive configuration information via an HTTP request...
PT-2004-2059 · Apache +1 · Apache +1
Name of the Vulnerable Software and Affected Versions: Apache for Apple Mac OS X versions 10.2.8 and 10.3.6. Description: The issue arises from the difference in how Apache and the Apple HFS+ filesystem handle file access in terms of case sensitivity. Apache restricts access to files in a...