4 matches found
io.minio/minio: minio-java Client XML Tag is Vulnerable to Value Substitution
In minio-java versions prior to 8.6.0, XML tag values containing references to system properties or environment variables were automatically substituted with their actual values during processing. This unintended behavior could lead to the exposure of sensitive information, including credentials,...
XML Injection
io.minio:minio is vulnerable to XML Injection. The vulnerability is due to automatic substitution of XML tag values containing system property or environment variable references during processing, which allows an attacker to craft malicious XML input that exposes sensitive information such as...
Joomla Jinc SQL Injection
--------------------------------------------------------------------------------- joomla component comjinc newsid Blind SQL Injection Vulnerability --------------------------------------------------------------------------------- Author : Chip D3 Bi0s Group : LatiHackTeam Email :...
Cisco Virtual Central Office 4000 (VCO/4K) 5.1.3 - Remote Username / Password Retrieval
source: https://www.securityfocus.com/bid/1885/info A vulnerability exists in the Cisco Virtual Central Office 4000 VCO/4K programmable voice switch running software versions 5.13 and earlier. The usernames and passwords for the device's SNMP administration interface are protected by a simple...