148 matches found
CVE-2024-45787
This vulnerability exists in Reedos aiM-Star version 2.0.1 due to transmission of sensitive information in plain text in certain API endpoints. An authenticated remote attacker could exploit this vulnerability by manipulating a parameter through API request URL and intercepting response of the AP...
CVE-2024-45786
This vulnerability exists in Reedos aiM-Star version 2.0.1 due to improper access controls on its certain API endpoints. An authenticated remote attacker could exploit this vulnerability by manipulating a parameter through API request URL which could lead to gain unauthorized access to sensitive...
Open Source Medicine Ordering System 1.0 SQL Injection
Exploit Title : Open Source Medicine Ordering System v1.0 - SQLi Author : Onur Karasalihoğlu Date : 27/02/2024 Sample Usage % python3 omossqliexploit.py https://target.com Available Databases: 1. informationschema 2. omosdb Please select a database to use enter number: 2 You selected: omosdb...
CU Solutions Group Content Management System Security Vulnerability
CU Solutions Group Content Management System CUSG CMS is a content management system from CU Solutions Group, Inc. A security vulnerability exists in CU Solutions Group Content Management System versions prior to v.7.75. A remote attacker can use this vulnerability to execute arbitrary code,...
PT-2023-30441 · Mercedes · Mercedes Me Ios App
Name of the Vulnerable Software and Affected Versions: Mercedes me IOS APP versions 1.34.0 and below Description: The issue allows attackers to view the maintenance orders of other users and access sensitive user information. Recommendations: For Mercedes me IOS APP versions 1.34.0 and below,...
CVE-2023-46935
eyoucms v1.6.4 is vulnerable Cross Site Scripting XSS, which can lead to stealing sensitive information of logged-in users...
CVE-2023-5551 Moodle: forum summary report shows students from other groups when in separate groups mode
Separate Groups mode restrictions were not honoured in the forum summary report, which would display users from other groups...
CVE-2022-41616
Improper Neutralization of Formula Elements in a CSV File vulnerability in Kaushik Kalathiya Export Users Data CSV.This issue affects Export Users Data CSV: from n/a through 2.1...
CVE-2022-41616
Improper Neutralization of Formula Elements in a CSV File vulnerability in Kaushik Kalathiya Export Users Data CSV.This issue affects Export Users Data CSV: from n/a through 2.1...
CVE-2022-41616 WordPress Export Users Data CSV plugin <= 2.1 - Auth. CSV Injection vulnerability
A vulnerability in Kaushik Export Users Data CSV export-users-data-csv.This issue affects Export Users Data CSV: from n/a through = 2.1...
CVE-2022-41616
The CVE-2022-41616 entry corresponds to a CSV injection vulnerability in the WordPress plugin Export Users Data CSV, affecting versions through 2.1. The root cause is improper neutralization of formula elements in CSV files generated by the plugin. Impact details are limited in the provided docum...
CVE-2022-46804
Improper Neutralization of Formula Elements in a CSV File vulnerability in Narola Infotech Solutions LLP Export Users Data Distinct.This issue affects Export Users Data Distinct: from n/a through 1.3...
CVE-2022-46804
Improper Neutralization of Formula Elements in a CSV File vulnerability in Narola Infotech Solutions LLP Export Users Data Distinct.This issue affects Export Users Data Distinct: from n/a through 1.3...
Input validation
Improper Neutralization of Formula Elements in a CSV File vulnerability in Narola Infotech Solutions LLP Export Users Data Distinct.This issue affects Export Users Data Distinct: from n/a through 1.3...
CVE-2022-46804 WordPress Export Users Data Distinct plugin <= 1.3 - CSV Injection
A vulnerability in narolainfotech Export Users Data Distinct export-users-data-distinct.This issue affects Export Users Data Distinct: from n/a through = 1.3...
CVE-2022-46804
CVE-2022-46804 : WordPress plugin Export Users Data Distinct (
WordPress Plugin export-users-data-csv Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
WordPress Plugin export-users-data-distinct Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
CVE-2023-38965
Lost and Found Information System 1.0 allows account takeover via username and password to a /classes/Users.php?f=save URI...
CVE-2022-47192
Generex UPS CS141 below 2.06 version, could allow a remote attacker to upload a backup file containing a modified "users.json" to the web server of the device, allowing him to replace the administrator password...