137 matches found
S-Cart path traversal vulnerability
S-Cart, a PHP-based e-commerce management platform from the S-Cart community, suffers from a path traversal vulnerability that stems from the failure of a web-based system or product to properly filter special elements in the path of a resource or file. An attacker could exploit the vulnerability...
Google Golang memory consumption overflow vulnerability
Google Golang is a statically strongly typed, compiled language from Google, Inc. A memory consumption overflow vulnerability exists in Google Golang, which stems from a design or implementation impropriety in the code development process of a web-based system or product. An attacker could exploi...
Apache ShenYu Code Injection Vulnerability
Apache ShenYu is an asynchronous, high-performance, cross-language, responsive API gateway from the Apache Foundation in the United States. Apache ShenYu has a code injection vulnerability in versions 2.4.0 and 2.4.1 that stems from an improperly designed or implemented code development process...
Construction Industry Solutions Conis Construction Cloud unspecified vulnerability
Construction Industry Solutions Conis Construction Cloud is an end-to-end cloud and mobile software solution from Construction Industry Solutions, Inc. A security vulnerability exists in Construction Industry Solutions Conis Construction Cloud due to a design or implementation impropriety in the...
Sourcecodester Online Project Time Management System SQL Injection Vulnerability
Sourcecodester Online Project Time Management System is a web-based online project time management system that provides an online platform for a company's employees to report/record their assigned time or the time each project is resubmitted. Sourcecodester Online Project Time Management System i...
Construction Industry Solutions Conis Construction Cloud security vulnerability
Construction Industry Solutions Conis Construction Cloud is an end-to-end cloud and mobile software solution from Construction Industry Solutions, Inc. A security vulnerability exists in Construction Industry Solutions Conis Construction Cloud due to a design or implementation impropriety in the...
GitLab code issue vulnerability
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, and other features. GitLab has a code issue vulnerability that originates from an improperly...
DBeaver XML External Entity Injection Vulnerability
DBeaver is a free multi-platform database tool for developers, SQL programmers, database administrators and analysts from the DBeaver team in the U.S. An XML external entity injection vulnerability exists in DBeaver, which stems from a web-based system or product that does not set the correct...
Crafter CMS Code Execution Vulnerability
Crafter CMS is an open source content management system (CMS) for digital experience applications. A code execution vulnerability exists in Crafter CMS, which stems from a web-based system or product that does not properly authenticate incoming data. An authenticated attacker could modify the main...
Zulip code issue vulnerability
Zulip is a powerful open source group chat application from the Zulip team. It is used to combine the immediacy of real-time chat with the productivity benefits of threaded conversations. Zulip suffers from a code issue vulnerability that stems from improper design or implementation during the code...
JetBrains YouTrack Injection Vulnerability
JetBrains YouTrack is a browser-based bug tracking and project management software from JetBrains Czech Republic. The software has features such as bug tracking, creating workflows, and monitoring project progress. JetBrains YouTrack is vulnerable to an injection vulnerability that stems from...
Team Password Manager authorization issue vulnerability
Team Password Manager is a web-based team password manager. Team Password Manager suffers from an authorization issue vulnerability that arises from improper design or implementation during code development of a web-based system or product...
jsonpointer type obfuscation vulnerability
jsonpointer is an open source package for simple JSON addressing. jsonpointer suffers from a security vulnerability that stems from improper design or implementation during the development of code for a web-based system or product. No details of the vulnerability are currently available...
Unspecified vulnerability in Deoxxa dotty
Deoxxa Dotty is a JavaScript-based code base used by Deoxxa individual developers to support access to object properties. Deoxxa Dotty has a security vulnerability that stems from a design or implementation impropriety in the code development process of a web-based system or product. No details o...
tempura cross-site scripting vulnerability
Tempura is a lightweight, open source templating engine from Luke Edwards, an individual developer in the United States. Tempura has a security vulnerability that originates from an improperly designed or implemented code development process for a web-based system or product...
jsonpointer security vulnerability
jsonpointer is an open source package for simple JSON addressing. jsonpointer suffers from a security vulnerability that stems from improper design or implementation during the development of code for a web-based system or product. No details of the vulnerability are currently available...
Deoxxa dotty security vulnerability
Deoxxa Dotty is a JavaScript-based code base used by Deoxxa individual developers to support access to object properties. Deoxxa Dotty has a security vulnerability that stems from a design or implementation impropriety in the code development process of a web-based system or product. No details o...
json-pointer security vulnerability
Json-Pointer is a set of open source utilities for JSON pointers, as described by RFC 6901, from Manuel Stofer, an individual developer in Switzerland. Json-Pointer has a security vulnerability that stems from improper design or implementation during the code development of a web-based system or product. No...
Phone Shop Sales Managements System authorization issue vulnerability
SourceCodester Phone Shop Sales Managements System is a PHP project from SourceCodester, Inc. that manages phone store sales transactions. An authorization issue vulnerability exists in PHP Phone Shop Sales Managements System, which arises from a lack of valid permission grants and access control...
Harmony Browse code issue vulnerability
Check Point Harmony Browse is a modern Web security solution from Check Point, Inc. It is designed to provide the strongest protection against Web-based attacks. Harmony Browse has a security vulnerability that originates from an improperly designed or implemented code development process for a...