3 matches found
deephas 1.0.7 Prototype Pollution
The deephas npm package suffers from a prototype pollution vulnerability in versions 1.0.7 and below due to unsafe recursive property assignment without proper hasOwnProperty checks and inadequate path sanitization. Exploit Title: deephas 1.0.7 - Prototype Pollution Google Dork: N/A Date:...
PT-2023-10121 · Himiklab · Yii2-Jqgrid-Widget
Name of the Vulnerable Software and Affected Versions: himiklab yii2-jqgrid-widget versions up to 1.0.7 Description: A critical issue affects the addSearchOptionsRecursively function of the file JqGridAction.php, leading to SQL injection. Recommendations: For himiklab yii2-jqgrid-widget versions ...
PT-2022-4033 · Jenkins · Jenkins Compuware Xpediter Code Coverage Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Compuware Xpediter Code Coverage Plugin versions 1.0.7 and earlier Description: The issue is related to a missing permission check in the plugin, which can be exploited by attackers with Overall/Read permission to enumerate hosts and...