6 matches found
glot-wwww Arbitrary Code Execution Vulnerability
glot-www is an open source pastebin with runnable snippets and an API. A security vulnerability exists in the default configuration in glot-www 2018-05-19 and earlier versions. A remote attacker can exploit the vulnerability to execute arbitrary code...
Sales & Company Management System Privilege Permission and Access Control Vulnerability
Sales & Company Management System SCMS is a sales and company management system. The system includes features such as customer management, product management and tax management. A privilege permission and access control vulnerability exists in SCMS 2018-06-06 and prior versions, which can be...
PAYFORT payfort-php-SDK cross-site scripting vulnerability (CNVD-2019-08574)
PayFort is an online payment gateway. payfort-php-SDK is the PayFort payment gateway SDK. A cross-site scripting vulnerability exists in Amazon PAYFORT payfort-php-SDK on 2018-04-26 and earlier versions, which can be exploited by an attacker via the route.php paymentMethod parameter to conduct a...
Google Android elevation of privilege vulnerability (CNVD-2018-10119)
Android is a Linux-based open-source operating system jointly developed by Google and the Open Handheld Alliance OHA for short, and Qualcomm MDM9206 and other central processing unit CPU products from Qualcomm are used in different platforms. A security vulnerability exists in the Qualcomm...
Google Android has an unspecified vulnerability (CNVD-2018-09702)
Android is a Linux-based open-source operating system jointly developed by Google and the Open Handheld Alliance OHA, and Qualcomm MSM8909W is a central processing unit CPU product of Qualcomm. A security vulnerability exists in RIL in versions of Android prior to 2018-04-05. No detailed...
bui select component cross-site scripting vulnerability
bui is a front-end framework based on JQuery. select component is one of the search component. A cross-site scripting vulnerability exists in the select component in bui 2018-03-13 and prior versions, which stems from a program performing an escape operation on escaped text. A remote attacker can...