PT-2024-22693 · Unknown · Qtranslate

Name of the Vulnerable Software and Affected Versions: Translate versions prior to 3.0.0 Description: The issue allows an attacker controlling the second variable of the translate function to perform a cache poisoning attack, changing the outcome of translation requests made by subsequent users...

@eqproject/eqp-dashboard (>=2.0.3 <=2.5.2), @eqproject/eqp-datetimerangepicker (>=0.0.1 <=3.0.9) +7 more potentially affected by unknown CVE via ngx-translate (=0.0.1-security)

ngx-translate NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on ngx-translate and may be impacted: - @eqproject/eqp-dashboard =2.0.3, =0.0.1, =2.0.10, =0.0.1, =18.0.0-beta.2 - kms-ngx-ui =16.12.30 - mat-table-ext =0.0.0 -...

CVE-2011-5070

Multiple cross-site scripting XSS vulnerabilities in Support Incident Tracker aka SiT! 3.65 allow remote attackers to inject arbitrary web script or HTML via 1 the file name to incidentattachments.php; 2 unspecified vectors in linkadd.php, possibly involving origref, linkref, linktype parameters,...