223 matches found
CVE-2020-15243 WebApi Authentication attribute missing in Smartstore
Affected versions of Smartstore have a missing WebApi Authentication attribute. This vulnerability affects Smartstore shops in version 4.0.0 & 4.0.1 which have installed and activated the Web API plugin. Users of Smartstore 4.0.0 and 4.0.1 must merge their repository with 4.0.x or overwrite the...
CVE-2020-15243
CVE-2020-15243 affects Smartstore 4.0.0 and 4.0.1 with the Web API plugin installed and activated, where a missing WebApi Authentication attribute creates a vulnerability. The recommended remediations are to merge the 4.0.x branch (or overwrite the SmartStore.Web.Framework in the deployed shop’s ...
CVE-2019-15563
Observational Health Data Sciences and Informatics (OHDSI) WebAPI before 2.7.2 allows SQL injection in FeatureExtractionService.java...
CVE-2019-15563
Observational Health Data Sciences and Informatics (OHDSI) WebAPI before 2.7.2 allows SQL injection in FeatureExtractionService.java...
Sql injection
Observational Health Data Sciences and Informatics (OHDSI) WebAPI before 2.7.2 allows SQL injection in FeatureExtractionService.java...
CVE-2019-15563
The CVE-2019-15563 entry concerns Observational Health Data Sciences and Informatics (OHDSI) WebAPI before version 2.7.2, where a SQL injection vulnerability exists in FeatureExtractionService.java. The included references indicate a fix was released in WebAPI v2.7.2 (see the 2.7.2 release tag). P...
CVE-2019-15563
Observational Health Data Sciences and Informatics (OHDSI) WebAPI before 2.7.2 allows SQL injection in FeatureExtractionService.java...
Cross-site Scripting (XSS)
Django is vulnerable to cross-site scripting (XSS) attacks. The vulnerability exists because the admin's add/change related popup makes unsafe use of JavaScript's Element.innerHTML Web API...
webapi.yanoshin.jp Open Redirect vulnerability
Vulnerable URL: http://webapi.yanoshin.jp/rd.php?http://openbugbounty.org Details: Patched: No; Latest check for patch: 30.07.2017; Vulnerability type: Open Redirect; Vulnerability status: Publicly disclosed; Alexa Rank: Unknown / Not calculated; VIP website status: No...
DNN (DotNetNuke) < 8.0.1 Multiple Vulnerabilities
The version of DNN Platform (formerly DotNetNuke) running on the remote host is affected by multiple vulnerabilities: - A cross-site scripting (XSS) vulnerability exists due to improper validation of input to the 'returnurl' query string parameter before returning it to users. A remote attacker can...
openSUSE Security Update : Chromium (openSUSE-2016-664)
Chromium was updated to 49.0.2623.75 to fix the following security issues: boo969333 - CVE-2016-1630: Same-origin bypass in Blink - CVE-2016-1631: Same-origin bypass in Pepper Plugin - CVE-2016-1632: Bad cast in Extensions - CVE-2016-1633: Use-after-free in Blink - CVE-2016-1634: Use-after-free i...
Security update for Chromium (important)
Chromium was updated to 49.0.2623.75 to fix the following security issues: boo969333 - CVE-2016-1630: Same-origin bypass in Blink - CVE-2016-1631: Same-origin bypass in Pepper Plugin - CVE-2016-1632: Bad cast in Extensions - CVE-2016-1633: Use-after-free in Blink - CVE-2016-1634: Use-after-free i...
openSUSE Security Update : Chromium (openSUSE-2016-316)
Chromium was updated to 49.0.2623.75 to fix the following security issues: boo969333 - CVE-2016-1630: Same-origin bypass in Blink - CVE-2016-1631: Same-origin bypass in Pepper Plugin - CVE-2016-1632: Bad cast in Extensions - CVE-2016-1633: Use-after-free in Blink - CVE-2016-1634: Use-after-free i...
SUSE SLES12 Security Update : Chromium (SUSE-SU-2016:0665-1)
Chromium was updated to 49.0.2623.75 to fix the following security issues: boo969333 - CVE-2016-1630: Same-origin bypass in Blink - CVE-2016-1631: Same-origin bypass in Pepper Plugin - CVE-2016-1632: Bad cast in Extensions - CVE-2016-1633: Use-after-free in Blink - CVE-2016-1634: Use-after-free i...
Security update for Chromium (important)
Chromium was updated to 49.0.2623.75 to fix the following security issues: boo969333 - CVE-2016-1630: Same-origin bypass in Blink - CVE-2016-1631: Same-origin bypass in Pepper Plugin - CVE-2016-1632: Bad cast in Extensions - CVE-2016-1633: Use-after-free in Blink - CVE-2016-1634: Use-after-free i...
Debian DSA-3507-1 : chromium-browser - security update
Several vulnerabilities have been discovered in the chromium web browser. - CVE-2015-8126 Joerg Bornemann discovered multiple buffer overflow issues in the libpng library. - CVE-2016-1630 Mariusz Mlynski discovered a way to bypass the Same Origin Policy in Blink/Webkit. - CVE-2016-1631 Mariusz...
openSUSE Security Update : 4789 (4789-1) (deprecated)
Chromium was updated to 49.0.2623.75 to fix the following security issues: boo969333 - CVE-2016-1630: Same-origin bypass in Blink - CVE-2016-1631: Same-origin bypass in Pepper Plugin - CVE-2016-1632: Bad cast in Extensions - CVE-2016-1633: Use-after-free in Blink - CVE-2016-1634: Use-after-free i...
Security update for Chromium (important)
Chromium was updated to 49.0.2623.75 to fix the following security issues: boo969333 - CVE-2016-1630: Same-origin bypass in Blink - CVE-2016-1631: Same-origin bypass in Pepper Plugin - CVE-2016-1632: Bad cast in Extensions - CVE-2016-1633: Use-after-free in Blink - CVE-2016-1634: Use-after-free i...
Debian Security Advisory DSA 3507-1 (chromium-browser - security update)
Several vulnerabilities have been discovered in the chromium web browser. CVE-2015-8126 Joerg Bornemann discovered multiple buffer overflow issues in the libpng library. CVE-2016-1630 Mariusz Mlynski discovered a way to bypass the Same Origin Policy in Blink/Webkit. CVE-2016-1631 Mariusz Mlynski...
Debian: Security Advisory (DSA-3507-1)
The remote host is missing an update for the Debian...