4 matches found
Improper Authentication
Overview Affected versions of this package are vulnerable to Improper Authentication via the Manager web UI endpoints /api/v1/jobs and /preheats. An attacker can gain unauthorized access to create, delete, or modify jobs, and initiate preheat jobs by sending unauthenticated requests to these...
Improper Authentication
Overview Affected versions of this package are vulnerable to Improper Authentication via the Manager web UI endpoints /api/v1/jobs and /preheats. An attacker can gain unauthorized access to create, delete, or modify jobs, and initiate preheat jobs by sending unauthenticated requests to these...
GHSA-4GR7-QW2Q-JXH6 Cross-site Scripting in Nacos
A Cross Site Scripting XSS vulnerability exists in Nacos prior to 1.4.5 and 2.1.0-BETA in auth/users via the 1 pageSize and 2 pageNo parameters...
Lansuite <= 2.1.0 Beta (fid) Remote SQL Injection Exploit
No description provided by source. ? errorreportingEERROR; function xssinit if !extensionloaded'phpcurl' if !dl'curl.so' and !dl'phpcurl.so' and !dl'phpcurl.dll' die oo error - cannot load curl extension!; function xssheader echo...