12 matches found
CVE-2026-20139
In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.8, 9.3.9, and 9.2.12, and Splunk Cloud Platform versions below 10.2.2510.3, 10.1.2507.8, 10.0.2503.9, and 9.3.2411.121, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a malicious payload into the...
CVE-2026-20139
In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.8, 9.3.9, and 9.2.12, and Splunk Cloud Platform versions below 10.2.2510.3, 10.1.2507.8, 10.0.2503.9, and 9.3.2411.121, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a malicious payload into the...
CVE-2026-20139
CVE-2026-20139 affects Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.8, 9.3.9, and 9.2.12, and Splunk Cloud Platform below 10.2.2510.3, 10.1.2507.8, 10.0.2503.9, and 9.3.2411.121. A low-privileged user (not admin/power) can craft a malicious payload into realname, tz, or email via the /spl...
Recommended update for Maven
This update for Maven fixes the following issues: maven-dependency-analyzer was updated from version 1.13.2 to 1.15.1: Key changes across versions: Bug fixes and improved support of dynamic types Dependency upgrades ASM, Maven core, and notably the removal of commons-io Improved error handling by...
Denial Of Service (DoS)
juzaweb/cms is vulnerable to Denial Of Service DoS. The vulnerability is caused due to an improper validation of the timezone field, which allows an attacker to send a crafted request resulting in the server becoming unavailable...
juzawebCMS Incorrect Access Control vulnerability
juzaweb = 3.4 is vulnerable to Incorrect Access Control, resulting in an application outage after a 500 HTTP status code. The payload in the timezone field was not correctly validated...
CVE-2023-46906
juzaweb = 3.4 is vulnerable to Incorrect Access Control, resulting in an application outage after a 500 HTTP status code. The payload in the timezone field was not correctly validated...
Improper access control
juzaweb = 3.4 is vulnerable to Incorrect Access Control, resulting in an application outage after a 500 HTTP status code. The payload in the timezone field was not correctly validated...
CVE-2023-46906
CVE-2023-46906 affects juzaweb CMS (
Juzaweb CMS Security Vulnerability
Juzaweb CMS is a content management system developed by Juzaweb Individual Developer based on the Laravel framework and Web platform. A security vulnerability exists in Juzaweb CMS 3.4 and earlier versions, which stems from an Access Control Error vulnerability due to failure to properly validate...
CVE-2023-46906
juzaweb = 3.4 is vulnerable to Incorrect Access Control, resulting in an application outage after a 500 HTTP status code. The payload in the timezone field was not correctly validated...
PT-2024-13388 · Juzaweb · Juzaweb
Name of the Vulnerable Software and Affected Versions: juzaweb versions 3.4 and earlier Description: The issue is related to Incorrect Access Control, which can result in an application outage after a 500 HTTP status code. The problem arises from the incorrect validation of the payload in the...