10 matches found
EUVD-2024-42704
Malicious code in bioql PyPI...
CVE-2024-47830
Plane is an open-source project management tool. Plane uses the wildcard support to retrieve the image from any hostname as in /web/next.config.js. This may permit an attacker to induce the server side into performing requests to unintended locations. This vulnerability is fixed in 0.23.0...
CVE-2024-47830
Plane is an open-source project management tool. Plane uses the wildcard support to retrieve the image from any hostname as in /web/next.config.js. This may permit an attacker to induce the server side into performing requests to unintended locations. This vulnerability is fixed in 0.23.0...
CVE-2024-47830 Plane allows server side request forgery via /_next/image endpoint
Plane is an open-source project management tool. Plane uses the wildcard support to retrieve the image from any hostname as in /web/next.config.js. This may permit an attacker to induce the server side into performing requests to unintended locations. This vulnerability is fixed in 0.23.0...
CVE-2024-47830 Plane allows server side request forgery via /_next/image endpoint
Plane is an open-source project management tool. Plane uses the wildcard support to retrieve the image from any hostname as in /web/next.config.js. This may permit an attacker to induce the server side into performing requests to unintended locations. This vulnerability is fixed in 0.23.0...
CVE-2024-47830 Plane allows server side request forgery via /_next/image endpoint
Plane is an open-source project management tool. Plane uses the wildcard support to retrieve the image from any hostname as in /web/next.config.js. This may permit an attacker to induce the server side into performing requests to unintended locations. This vulnerability is fixed in 0.23.0...
PT-2024-32841 · Plane · Plane
Name of the Vulnerable Software and Affected Versions: Plane versions prior to 0.23.0 Description: The issue concerns an open-source project management tool that uses wildcard support to retrieve images from any hostname, potentially allowing an attacker to induce the server into performing...
Description of the security update for SharePoint Server 2019: August 10, 2021 (KB5002000)
Description of the security update for SharePoint Server 2019: August 10, 2021 KB5002000 Summary This security update resolves a Microsoft SharePoint Server spoofing vulnerability. To learn more about the vulnerability, see the Microsoft Common Vulnerabilities and Exposures CVE-2021-36940. Note: ...
SprintWork 2.3.1 Local Privilege Escalation
Exploit Title: SprintWork 2.3.1 - Local Privilege Escalation Exploit Author: boku Date: 2020-02-13 Vendor Homepage: https://veridium.net Software Link: https://veridium.net/filesu/spx/exe/SprintWork-Setup.exe Version: 2.3.1 Tested On: Windows 10 32-bit Vulnerability Overview: SprintWork v2.3.1 x8...
Watcher v1.5.1 Web security testing tool and passive vulnerability scanner download !
Watcher is a Web security testing tool and passive vulnerability scanner. This tool is in continues development and has updated it features and capabilities. Watcher is a runtime passive-analysis tool for HTTP-based Web applications. Being passive means it won't damage production systems, it's...