8 matches found
SAP NetWeaver Application Server Java 注入漏洞
SAP NetWeaver Application Server Java is an application server provided by the German company SAP, which offers a Java runtime environment. This product is primarily used for developing and running Java EE applications. SAP NetWeaver Application Server Java has a injection vulnerability, which...
PT-2025-30445 · Devolutions · Devolutions Server
Name of the Vulnerable Software and Affected Versions: Devolutions Server versions 2025.1.11.0 and earlier Devolutions Server versions 2025.2.2.0 through 2025.2.4.0 Description: Improper access control in the secure message component of Devolutions Server allows an authenticated user to steal...
CVE-2024-5185
The EmbedAI application is susceptible to security issues that enable Data Poisoning attacks. This weakness could result in the application becoming compromised, leading to unauthorized entries or data poisoning attacks, which are delivered by a CSRF vulnerability due to the absence of a secure...
CVE-2024-5185
CVE-2024-5185 concerns the EmbedAI application, where a CSRF weakness resulting from the absence of secure session management and weak CORS policies enables data poisoning. An attacker can lure a user to a malicious page that triggers the CSRF flaw, causing the user to upload and integrate incorr...
CVE-2024-5185 Data Poisoning in EmbedAI
The EmbedAI application is susceptible to security issues that enable Data Poisoning attacks. This weakness could result in the application becoming compromised, leading to unauthorized entries or data poisoning attacks, which are delivered by a CSRF vulnerability due to the absence of a secure...
CVE-2024-5185 Data Poisoning in EmbedAI
The EmbedAI application is susceptible to security issues that enable Data Poisoning attacks. This weakness could result in the application becoming compromised, leading to unauthorized entries or data poisoning attacks, which are delivered by a CSRF vulnerability due to the absence of a secure...
CVE-2020-25700
In moodle, some database module web services allowed students to add entries within groups they did not belong to. Versions affected: 3.9 to 3.9.2, 3.8 to 3.8.5, 3.7 to 3.7.8, 3.5 to 3.5.14 and earlier unsupported versions. This is fixed in moodle 3.8.6, 3.7.9, 3.5.15, and 3.10...
CVE-2020-25700
In moodle, some database module web services allowed students to add entries within groups they did not belong to. Versions affected: 3.9 to 3.9.2, 3.8 to 3.8.5, 3.7 to 3.7.8, 3.5 to 3.5.14 and earlier unsupported versions. This is fixed in moodle 3.8.6, 3.7.9, 3.5.15, and 3.10...