3 matches found
phpIPAM - 1.6 - Cross-Site Scripting
phpIPAM 1.6 contains a cross-site scripting vulnerability via the closeClass parameter at /subnet-masks/popup.php. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication...
Gitea <1.16.5 - Open Redirect
Gitea before 1.16.5 is susceptible to open redirect via GitHub repository go-gitea/gitea. An attacker can redirect a user to a malicious site and potentially obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2022-1058 info: name: Gitea 1.16.5 - Open Redire...
MetaCart2 - 'StrSubCatalogID' SQL Injection
source: https://www.securityfocus.com/bid/13383/info A remote SQL injection vulnerability affects MetaCart2. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in SQL queries. An attacker may exploit this issue to manipulate SQL querie...