4123 matches found
GitHub Enterprise - SAML Authentication Bypass
An improper verification of cryptographic signature vulnerability was identified in GitHub Enterprise Server that allowed SAML SSO authentication to be bypassed resulting in unauthorized provisioning of users and access to the instance. Exploitation required the encrypted assertions feature to be...
Apache Tomcat - Remote Code Execution via JMX Ports
Apache Tomcat versions before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12 are vulnerable to remote code execution if JmxRemoteLifecycleListener is used and the JMX ports are exposed to attackers. The vulnerability exists due to inconsistent credentia...
Enrollment System Project v1.0 - SQL Injection Authentication Bypass
Enrollment System Project V1.0, developed by Sourcecodester, has been found to be vulnerable to SQL Injection SQLI attacks. This vulnerability allows an attacker to manipulate the SQL queries executed by the application. The system fails to properly validate user-supplied input in the username an...
Harbor <=2.5.3 - Unauthorized Access
An access control issue in Harbor v1.X.X to v2.5.3 allows attackers to access public and private image repositories without authentication id: CVE-2022-46463 info: name: Harbor =2.5.3 - Unauthorized Access author: Arm!tage severity: high description: | An access control issue in Harbor v1.X.X to...
Popup-Maker < 1.8.12 - Broken Authentication
An issue was discovered in the Popup Maker plugin before 1.8.13 for WordPress. An unauthenticated attacker can partially control the arguments of the doaction function to invoke certain popmake or pum methods, as demonstrated by controlling content and delivery of popmake-system-info.txt aka the...
Online Fire Reporting System v1.0 - SQL injection
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=requests/managerequest&id=. id: CVE-2022-31983 info: name: Online Fire Reporting System v1.0 - SQL injection author: theamanrawat severity: high description: | Online Fire Reporting System v1.0 is vulnerable to...
Purchase Order Management v1.0 - SQL Injection
Purchase Order Management System v1.0 was discovered to contain a SQL injection vulnerability via /purchaseorder/classes/Master.php?f=deleteitem. id: CVE-2022-28022 info: name: Purchase Order Management v1.0 - SQL Injection author: theamanrawat severity: critical description: | Purchase Order...
Purchase Order Management v1.0 - SQL Injection
Purchase Order Management v1.0 was discovered to contain a SQL injection vulnerability via the password parameter at /purchaseorder/admin/login.php. id: CVE-2023-29622 info: name: Purchase Order Management v1.0 - SQL Injection author: theamanrawat severity: critical description: | Purchase Order...
Purchase Order Management v1.0 - SQL Injection
Purchase Order Management System v1.0 was discovered to contain a SQL injection vulnerability via /purchaseorder/classes/Master.php?f=deletesupplier. id: CVE-2022-28023 info: name: Purchase Order Management v1.0 - SQL Injection author: theamanrawat severity: critical description: | Purchase Order...
Online Fire Reporting System v1.0 - SQL injection
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=requests/viewrequest&id=. id: CVE-2022-31982 info: name: Online Fire Reporting System v1.0 - SQL injection author: theamanrawat severity: high description: | Online Fire Reporting System v1.0 is vulnerable to S...
Online Fire Reporting System v1.0 - SQL injection
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=teams/viewteam&id=. id: CVE-2022-31981 info: name: Online Fire Reporting System v1.0 - SQL injection author: theamanrawat severity: high description: | Online Fire Reporting System v1.0 is vulnerable to SQL...
Online Fire Reporting System v1.0 - SQL injection
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=teams/manageteam&id=. id: CVE-2022-31980 info: name: Online Fire Reporting System v1.0 - SQL injection author: theamanrawat severity: high description: | Online Fire Reporting System v1.0 is vulnerable to SQL...
Online Fire Reporting System v1.0 - SQL injection
Online Fire Reporting System 1.0 is vulnerable to SQL Injection via the date parameter. id: CVE-2022-31879 info: name: Online Fire Reporting System v1.0 - SQL injection author: theamanrawat,j4vaovo severity: high description: | Online Fire Reporting System 1.0 is vulnerable to SQL Injection via t...
Purchase Order Management v1.0 - SQL Injection
SQL injection vulnerability in Login.php in Sourcecodester Purchase Order Management System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username parameter. id: CVE-2021-40908 info: name: Purchase Order Management v1.0 - SQL Injection author: theamanrawat severity:...
HTTP File Server <2.3c - Remote Command Execution
HTTP File Server before 2.3c is susceptible to remote command execution. The findMacroMarker function in parserLib.pas allows an attacker to execute arbitrary programs via a %00 sequence in a search action. Therefore, an attacker can obtain sensitive information, modify data, and/or gain full...
SEO Panel 4.8.0 - Blind SQL Injection
SEO Panel 4.8.0 is susceptible to time-based blind SQL injection via the ordercol parameter in archive.php. An attacker can potentially retrieve all databases and thus obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected...
Plesk Obsidian <=18.0.49 - Open Redirect
Plesk Obsidian through 18.0.49 contains an open redirect vulnerability via the login page. An attacker can redirect users to malicious websites via a host request header and thereby access user credentials and execute unauthorized operations. NOTE: The vendor's position is "the ability to use...
Sourcecodester Multi Restaurant Table Reservation System 1.0 - SQL Injection
Sourcecodester Multi Restaurant Table Reservation System 1.0 contains a SQL injection vulnerability via the file view-chair-list.php. It does not perform input validation on the tableid parameter, which allows unauthenticated SQL injection. An attacker can send malicious input in the GET request ...
Sourcecodester Hotel and Lodge Management System 2.0 - SQL Injection
Sourcecodester Hotel and Lodge Management System 2.0 contains a SQL injection vulnerability via the email parameter to the edit page for Customer, Room, Currency, Room Booking Details, or Tax Details. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized...
Django SQL Injection
Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 allow SQL injection if untrusted data is used as a tolerance parameter in GIS functions and aggregates on Oracle. By passing a suitably crafted tolerance to GIS functions and aggregates on Oracle, it is possible to break characte...
phpMyAdmin <4.9.0 - Cross-Site Request Forgery
phpMyAdmin before 4.9.0 is susceptible to cross-site request forgery. An attacker can utilize a broken tag which points at the victim's phpMyAdmin database, thus leading to potential delivery of a payload, such as a specific INSERT or DELETE statement. id: CVE-2019-12616 info: name: phpMyAdmin ta...
WordPress Core <4.7.1 - Username Enumeration
WordPress Core before 4.7.1 is susceptible to user enumeration because it does not properly restrict listings of post authors via wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php in the REST API, which allows a remote attacker to obtain sensitive information via a...
WordPress Contact Form 7 - Unrestricted File Upload
WordPress Contact Form 7 before 5.3.2 allows unrestricted file upload and remote code execution because a filename may contain special characters. id: CVE-2020-35489 info: name: WordPress Contact Form 7 - Unrestricted File Upload author: soyelmago severity: critical description: WordPress Contact...