65 matches found
CVE-2023-38825
SQL injection vulnerability in Vanderbilt REDCap before v.13.8.0 allows a remote attacker to obtain sensitive information via the password reset mechanism in MyCapMobileApp/update.php...
CVE-2023-37798
A stored cross-site scripting XSS vulnerability in the new REDCap project creation function of Vanderbilt REDCap 13.1.35 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the project title parameter...
Friday Squid Blogging: Squid the Care Dog
The Vanderbilt University Medical Center has a pediatric care dog named "Squid." Blog moderation policy...
JVC/Siemens/Vanderbilt IP-Camera Readfile Password Disclosure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'JVC/Siemens/Vanderbilt IP-Camera Readfile Password Disclosure', 'Description' = %q SIEMENS IP-Camera CVMS2025-IR + CCMS2025, JVC IP-Camera...
CVE-2023-38825
SQL injection vulnerability in Vanderbilt REDCap before v.13.8.0 allows a remote attacker to obtain sensitive information via the password reset mechanism in MyCapMobileApp/update.php...
CVE-2023-38825
SQL injection vulnerability in Vanderbilt REDCap before v.13.8.0 allows a remote attacker to obtain sensitive information via the password reset mechanism in MyCapMobileApp/update.php...
CVE-2023-38825
SQL injection vulnerability in Vanderbilt REDCap before v.13.8.0 allows a remote attacker to obtain sensitive information via the password reset mechanism in MyCapMobileApp/update.php...
Vanderbilt REDCap 安全漏洞
REDCap is a data collection and management web application. A security vulnerability exists in Vanderbilt REDCap prior to v.13.8.0, which stems from the presence of a SQL injection vulnerability that could allow a remote attacker to gain access to sensitive information via a password reset...
Sql injection
SQL injection vulnerability in Vanderbilt REDCap before v.13.8.0 allows a remote attacker to obtain sensitive information via the password reset mechanism in MyCapMobileApp/update.php...
CVE-2023-38825
Summary: CVE-2023-38825 is a SQL injection vulnerability in Vanderbilt REDCap prior to v13.8.0, exposed via the MyCapMobileApp/update.php password-reset endpoint. Affected software: Vanderbilt REDCap (pre-13.8.0). Root cause/impact: improper input handling in the password-reset path allows a remo...
CVE-2023-38825
SQL injection vulnerability in Vanderbilt REDCap before v.13.8.0 allows a remote attacker to obtain sensitive information via the password reset mechanism in MyCapMobileApp/update.php...
PT-2024-12765 · Vanderbilt · Redcap
Name of the Vulnerable Software and Affected Versions: Vanderbilt REDCap versions prior to 13.8.0 Description: A SQL injection issue allows a remote attacker to obtain sensitive information via the password reset mechanism in the MyCapMobileApp/update.php endpoint, specifically through the passwo...
CVE-2023-38825
SQL injection vulnerability in Vanderbilt REDCap before v.13.8.0 allows a remote attacker to obtain sensitive information via the password reset mechanism in MyCapMobileApp/update.php...
vanderbiltestates.dental Cross Site Scripting vulnerability OBB-3861420
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
as.vanderbilt.edu Cross Site Scripting vulnerability OBB-3841621
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2023-37798
A stored cross-site scripting XSS vulnerability in the new REDCap project creation function of Vanderbilt REDCap 13.1.35 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the project title parameter...
CVE-2023-37798
A stored cross-site scripting XSS vulnerability in the new REDCap project creation function of Vanderbilt REDCap 13.1.35 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the project title parameter...
CVE-2023-37798
A stored cross-site scripting XSS vulnerability in the new REDCap project creation function of Vanderbilt REDCap 13.1.35 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the project title parameter...
Cross site scripting
A stored cross-site scripting XSS vulnerability in the new REDCap project creation function of Vanderbilt REDCap 13.1.35 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the project title parameter...
CVE-2023-37798
Vanderbilt REDCap 13.1.35 is affected by a stored XSS in the new project creation function, exploitable via the project title parameter. Root cause: insufficient input sanitization in the project title field leading to arbitrary script/HTML execution. Impact: potential arbitrary script execution ...