6028 matches found
Path traversal
An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Path Traversal in the Task Exec filename. The Vocera Report Console contains various jobs that are executed on the server at specified intervals, e.g., backup, etc. An authenticated user has the ability to...
CVE-2022-46900
An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Path Traversal in the Task Exec filename. The Vocera Report Console contains various jobs that are executed on the server at specified intervals, e.g., backup, etc. An authenticated user has the ability to...
CVE-2022-46900
An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Path Traversal in the Task Exec filename. The Vocera Report Console contains various jobs that are executed on the server at specified intervals, e.g., backup, etc. An authenticated user has the ability to...
PT-2023-15101 · Vocera · Vocera Voice Server +2
Name of the Vulnerable Software and Affected Versions: Vocera Report Server and Voice Server versions 5.x through 5.8. Description: An issue was discovered in the software, allowing Path Traversal in the Task Exec filename. The Vocera Report Console contains various jobs executed on the server at...
CVE-2022-46900
The CVE describes a Path Traversal vulnerability in Vocera Report Server/Voice Server 5.x–5.8. An authenticated user can modify task entries in the Vocera Report Console to alter the executable path and parameters, enabling potential unintended command execution. The exact exploitation steps, aff...
CVE-2023-38056
Improper Neutralization of commands allowed to be executed via OTRS System Configuration e.g. SchedulerCronTaskModule using UnitTests modules allows any authenticated attacker with admin privileges local execution of Code. This issue affects OTRS: from 7.0.X before 7.0.45, from 8.0.X before 8.0.35...
UBUNTU-CVE-2023-38056
Improper Neutralization of commands allowed to be executed via OTRS System Configuration e.g. SchedulerCronTaskModule using UnitTests modules allows any authenticated attacker with admin privileges local execution of Code. This issue affects OTRS: from 7.0.X before 7.0.45, from 8.0.X before 8.0.35...
PT-2023-26267 · Otrs +1 · Otrs +2
Name of the Vulnerable Software and Affected Versions: OTRS versions 7.0.X through 7.0.44; OTRS versions 8.0.X through 8.0.34; OTRS Community Edition versions 6.0.1 through 6.0.34. Description: The issue is related to improper neutralization of commands allowed to be executed via OTRS System...
PT-2023-9619 · Python · Python
Name of the Vulnerable Software and Affected Versions: Python versions prior to 3.9.1; Python cpython version 3.7; Python CPython 3.12.0b1. Description: An issue in the `_asyncio._swap_current_task` component of Python allows an attacker to obtain sensitive information. The vulnerability is related to...
Turla's New DeliveryCheck Backdoor Breaches Ukrainian Defense Sector
The defense sector in Ukraine and Eastern Europe has been targeted by a novel .NET-based backdoor called DeliveryCheck aka CAPIBAR or GAMEDAY that's capable of delivering next-stage payloads. The Microsoft threat intelligence team, in collaboration with the Computer Emergency Response Team of...
PT-2023-7494 · Hazelcast · Hazelcast
Name of the Vulnerable Software and Affected Versions: Hazelcast versions 5.0 through 5.0.4; Hazelcast versions 5.1 through 5.1.6; Hazelcast versions 5.2 through 5.2.3; Hazelcast IMDG versions prior to 4.2.z. Description: The issue is related to insufficient authorization procedures in Hazelcast,...
CVE-2023-31705
A Reflected Cross-site Scripting (XSS) vulnerability in Sourcecodester Task Reminder System 1.0 allows an authenticated user to inject malicious JavaScript into the page parameter...
CVE-2023-31705
A Reflected Cross-site Scripting (XSS) vulnerability in Sourcecodester Task Reminder System 1.0 allows an authenticated user to inject malicious JavaScript into the page parameter...
CVE-2023-31705
A Reflected Cross-site Scripting (XSS) vulnerability in Sourcecodester Task Reminder System 1.0 allows an authenticated user to inject malicious JavaScript into the page parameter...
Cross site scripting
A Reflected Cross-site Scripting (XSS) vulnerability in Sourcecodester Task Reminder System 1.0 allows an authenticated user to inject malicious JavaScript into the page parameter...
CVE-2023-31705
CVE-2023-31705 is a Reflected Cross-site Scripting (XSS) vulnerability in Sourcecodester Task Reminder System 1.0. The issue allows an authenticated user to inject malicious JavaScript via the page parameter, indicating that input handling for that parameter is vulnerable to reflected XSS. The at...
CVE-2023-31705
A Reflected Cross-site Scripting (XSS) vulnerability in Sourcecodester Task Reminder System 1.0 allows an authenticated user to inject malicious JavaScript into the page parameter...
Task Reminder System Cross-Site Scripting Vulnerability
Task Reminder System is a task reminder system by Carlo Montero Personal Developer. A security vulnerability exists in version 1.0 of the Sourcecodester Task Reminder System, which stems from the presence of a Reflective Cross-Site Scripting (XSS) vulnerability that could allow an authenticated use...
CVE-2023-31705
A Reflected Cross-site Scripting (XSS) vulnerability in Sourcecodester Task Reminder System 1.0 allows an authenticated user to inject malicious JavaScript into the page parameter...
PT-2023-4181 · Google +3 · Google Chrome +3
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 115.0.5790.170. Description: The issue is related to a use after free in Blink Task Scheduling, which could allow a remote attacker to potentially exploit heap corruption via a crafted HTML page. This could lead...