EUVD-2022-42636

Malicious code in bioql PyPI...

CVE-2023-42954

A privilege escalation issue existed in FileMaker Server, potentially exposing sensitive information to front-end websites when signed in to the Admin Console with an administrator role. This issue has been fixed in FileMaker Server 20.3.1 by reducing the information sent in requests...

CVE-2022-3223

Cross-site Scripting XSS - Stored in GitHub repository jgraph/drawio prior to 20.3.1...

PT-2024-13068 · Clarisa · Filemaker Server

Name of the Vulnerable Software and Affected Versions: FileMaker Server versions prior to 20.3.1 Description: The issue potentially exposed password information to front-end websites when signed in to the Admin Console with an administrator role. This was resolved by eliminating the send of Admin...

JGraph draw.io 跨站脚本漏洞

JGraph draw.io is a configurable chart/whiteboard visualization application for JGraph. A cross-site scripting vulnerability exists in JGraph draw.io versions prior to 20.3.1. An attacker could exploit this vulnerability to perform cross-site scripting attacks...

WordPress 插件跨站脚本漏洞

WordPress is the Wordpress Foundation's suite of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. WordPress Online Booking and Scheduling plugin has a cross-site scripting vulnerability in versions prior to 20.3.1,...

Cisco SD-WAN vManage Command Injection Vulnerability (CNVD-2020-61949)

Cisco SD-WAN Solution is a suite of network extension solutions from Cisco, of which vManage is the console. A command injection vulnerability exists in the remote management feature of Cisco SD-WAN vManage versions prior to 20.3.1. The vulnerability stems from improper command validation of the...