4 matches found
Cleartext Transmission of Sensitive Information
Overview ananta is an A command-line tool to execute commands on multiple remote hosts Affected versions of this package are vulnerable to Cleartext Transmission of Sensitive Information via the retryconnect function due to the omission of AES-GCM ciphers in the algorithmoptions"encryptionalgs"...
PT-2023-6275 · Unknown · Reciply Plugin
Name of the Vulnerable Software and Affected Versions: reciply Plugin versions 1.1.7 and earlier Description: A critical issue affects the processing of the file uploadImage.php, leading to unrestricted upload. The attack may be initiated remotely, potentially allowing an attacker to execute...
PT-2023-10285 · Typo3 +1 · Typo3 +1
Name of the Vulnerable Software and Affected Versions: mback2k mh httpbl Extension versions 1.1.7 and earlier Description: A critical vulnerability was found in the mback2k mh httpbl Extension on TYPO3, affecting the function moduleContent of the file mod1/index.php. This issue leads to SQL...
PT-2020-19780 · Grpc · Grpc +1
Name of the Vulnerable Software and Affected Versions: grpc versions prior to 1.24.4 @grpc/grpc-js versions prior to 1.1.8 Description: The issue concerns Prototype Pollution via loadPackageDefinition. This affects the grpc and @grpc/grpc-js packages. Recommendations: For grpc versions prior to...