38133 matches found
Denial Of Service (DoS)
vrana/adminer is vulnerable to Denial of Service DoS. The vulnerability is caused due to improper handling of HTTP redirects, which allows an attacker to trigger a Denial of Service DoS condition by connecting adminer to an attacker controlled service...
Insertion Of Sensitive Information Into Log File
org.jenkins-ci.plugins:cloudbees-bitbucket-branch-source is vulnerable to Insertion Of Sensitive Information Into Log File. The vulnerability is due to the token being printed in the build log as part of the Bitbucket URL. An attacker can view the token and gain unauthorized access...
Code Injection
flowise is vulnerable to Code Injection. The vulnerability is due to improper input validation in the api/v1 endpoint, allowing a remote attacker to execute arbitrary code via a crafted script...
Cross-site Scripting (XSS)
djangorestframework is vulnerable to Cross-site Scripting XSS. The vulnerability is due to improper input sanitization via the breaklongheaders template filter. This allows an attacker to inject malicious scripts by exploiting the improper santization in the header processing...
Unencrypted Stored Credentials
org.jenkins-ci.plugins:plain-credentials is vulnerable to Unencrypted Stored Credentials. The vulnerability is caused when decrypting file contents to check for valid encrypted secrets, resulting in the file content being stored unencrypted only Base64 encoded. An attacker with access to the...
Server-Side Request Forgery (SSRF)
vrana/adminer is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to the improper handling of user-supplied input in database connection fields. This allows an unauthenticated remote attacker to enumerate or access systems they would not otherwise have access to...
Cross-site Scripting (XSS)
TYPO3 is vulnerable to Cross-site Scripting XSS. The vulnerability is due to failing to properly encode user input in the login status display in the website frontend, requiring a valid user account either backend or frontend to exploit...
Information Disclosure
typo3/cms is vulnerable to Information Disclosure. The vulnerability is due to logging login failures, including plain-text user credentials, at the "warning" log level, which potentially leads to unauthorized access to sensitive user information...
Denial Of Service (DoS)
silverstripe/framework is vulnerable to Denial Of Service DoS. The vulnerability is due to insufficient authentication controls in the dev/build system controller, which could allow unauthorized users to trigger the dev/build process and potentially causing resource exhaustion and disrupting...
Code Injection
willdurand/js-translation-bundle is vulnerable to Code Injection. The vulnerability is due to a lack of validation of 'locale' parameter in 'Controller.php' file, which allows an attacker to inject javascript code...
Sensitive Information Disclosure
typo3/cms is vulnerable to Sensitive Information Disclosure. The vulnerability is due to the Install Tool exposing the current TYPO3 version number to non-authenticated users...
Information Disclosure
silverstripe/framework is vulnerable to Information Disclosure. The vulnerability is due to sensitive database connection details potentially being exposed in stack traces when running in dev mode with the mysqli database driver...
Insufficient Session Expiration
zfr/zfr-oauth2-server-module is vulnerable to Insufficient Session Expiration. The vulnerability is due to a lack of token validation for expiration and validity, allowing users to potentially use invalidated authentication credentials...
Privilege Escalation
pgAdmin4 is vulnerable to Privilege Escalation. The vulnerability is caused by improper permissions set on the installation directory, allowing attackers to gain unauthorized access on Debian or RHEL 8 platforms...
Cross-site Scripting (XSS)
TYPO3 is vulnerable to Cross-site Scripting XSS. The vulnerability is due to failing to properly encode user input in notifications shown in modal windows in the TYPO3 backend...
URL Rewrite
zendframework/zend-feed is vulnerable to URL Rewrite. The vulnerability is due to marshaling a request URI that includes logic to introspect HTTP request headers specific to a server-side URL rewrite mechanism. The attacker can emulate these headers to request arbitrary content...
NULL Pointer Dereference
github.com/pingcap/tidb is vulnerable to a Null pointer dereference. The vulnerability is due to improper handling of nil pointers within the expression.inferCollation function, which allows attackers to crash the application...
Information Disclosure
aimeos/ai-client-html is vulnerable to Sensitive Information Exposure. The vulnerability is due to debug information revealing sensitive information from environment variables in error logs, allowing attackers to potentially access confidential data...
SQL Injection
silverstripe/postgresql is vulnerable to SQL injection. The vulnerability is due to the inadequate handling of table names in the silverstripe/postgresql database adapter, which allows malicious SQL injection attacks if table names are not properly escaped or sanitized...
URL Rewrite
zendframework/zend-diactoros is vulnerable to URL Rewrite. The vulnerability is due to marshaling a request URI that includes logic to introspect HTTP request headers specific to a server-side URL rewrite mechanism. The attacker can emulate these headers to request arbitrary content...
Cross-site Scripting (XSS)
org.dspace:dspace-server-webapp is vulnerable to Cross-site Scripting XSS. The vulnerability is caused by improper validation of download behavior for HTML, XML, or JavaScript Bitstreams, allowing embedded JavaScript to execute in the user's browser, which could potentially lead to XSS attacks...
Cross-site Scripting (XSS)
typo3/cms is vulnerable to Cross-site Scripting XSS. The vulnerability is due to failing to properly encode user input in online media asset rendering for .youtube and .vimeo files, requiring a valid backend user account or write access on the server system to exploit...
Cross Site Request Forgery (CSRF)
silverstripe/graphql is vulnerable to Cross Site Request Forgery CSRF. The vulnerability is due to the lack of CSRF protection, allowing authenticated users to unwittingly trigger GET requests that can modify or delete data on the server...
Command Injection
github.com/hashicorp/go-getter is vulnerable to Command Injection. The vulnerability is caused by improper handling of arguments in Git operations within getgit.go. This allows attackers to manipulate the Git configuration and execute arbitrary code...
Malicious CDN Embedding
pdoc is vulnerable to malicious CDN embedding. The vulnerability is caused when documentation is generated with math mode pdoc --math due to the usage of a compromised polyfill.io CDN domain. An attacker could potentially exploit this by injecting malicious code into documentation generated with...
Cache Poisoning
ezsystems/ezplatform is vulnerable to cache poisoning. The vulnerability is due to the inability to prevent front-controller script inclusion in URLs when using eZ Platform Cloud or within the .platform.app.yaml configuration file. It allows an attacker to manipulate the cache and potentially ser...
Denial Of Service (DoS)
typo3/cms is vulnerable to Denial of Service DoS. The vulnerability is due to handling large .youtube and .vimeo files in the backend, leading to high consumption of system resources and exceeding PHP process limits, resulting in a dysfunctional backend component...
Session Hijacking
typo3/cms is vulnerable to Session Hijacking. The vulnerability is due to cookies not being hardened to be submitted only via HTTP, which in combination with other vulnerabilities like cross-site scripting can lead to hijacking an active and valid session...
Cross-Site Scripting (XSS)
zendframework/zend-navigation is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to the use of the escapeHtml view helper instead of escapeHtmlAttr, leading to improper HTML attribute escaping...
Sensitive Information Disclosure
zendframework/zend-developer-tools is vulnerable to Sensitive Information Disclosure. The vulnerability is due to a change made during the update to support PHP 7.3 that potentially prevents toolbar entries, which are enabled by default, from being disabled. The attacker can exploit this by...
Information Disclosure
SilverStripe is vulnerable to Information Disclosure. The vulnerability is caused by a specific URL path configured by default through the silverstripe/framework module, which can be used to disclose that a domain is hosting a SilverStripe application...
Arbitrary Code Execution
typo3/cms is vulnerable to arbitrary file upload. The vulnerability is due to a missing file extensions in $GLOBALS'TYPO3CONFVARS''BE''fileDenyPattern', allowing backend users to upload executable files such as .phar, .shtml, .pl, or .cgi in certain web server setups...
Sensitive Information Disclosure
typo3/cms is vulnerable to Sensitive Information Disclosure. The vulnerability is due to mechanisms used for configuration of RequireJS package loading, which can potentially allow an attacker to retrieve additional information about the installed system and third-party extensions...
Cross-site Scripting (XSS)
org.apache.jspwiki:jspwiki-builder is vulnerable to Cross-site Scripting XSS. The vulnerability is caused by a lack of proper sanitization for the certain characters of user input within Wiki.js. This allows an attacker to potentially inject and execute malicious scripts in the context of the...
Improper Input Validation
github.com/rancher/rancher is vulnerable to Improper Input Validation. The vulnerability is due to the tampering of the errorMsg parameter, allowing for the display of arbitrary content, filtering tags but not special characters or symbols. This can lead to malicious users to lure legitimate user...
Cross-site Scripting (XSS)
typo3/cms is vulnerable to Cross-site Scripting XSS. The vulnerability is due to improper sanitization of field validation error outputs, which allows malicious scripts to be executed in the user's browser...
Cross Site Scripting(XSS)
ydataprofiling is vulnerable to a Cross-site scripting XSS vulnerability. This vulnerability is due to insufficient sanitization of user-supplied inputs in reports, allowing malicious payloads to execute when these reports are viewed in the browser...
XML External Entity (XXE)
org.cyclonedx:cyclonedx-core-java is vulnerable to XML External Entity XXE.The vulnerability is caused due to improper configuration of the DocumentBuilderFactory used to evaluate XPath expressions to determine the schema version of the BOM before deserializing CycloneDX Bill of Materials in XML...
Remote Code Execution (RCE)
parisneo/lollms is vulnerable to Remote Code Execution RCE. The vulnerability is due to the misuse of the shell=True parameter in the subprocess.Popen function within the createcondaenv function of the parisneo/lollms repository. The vulnerability allows an attacker to execute arbitrary commands...
Information Disclosure
github.com/hashicorp/go-retryablehttp is vulnerable to Information Disclosure . The vulnerability is due to improper sanitization of URLs when writing them to the log file, allowing an attacker to potentially access sensitive HTTP basic auth credentials...
Insecure Random Number Generator
apache streampipes is vulnerable to Insecure Random Number Generator. The vulnerability is due to the use of a cryptographically weak PRNG in the user self-registration and password recovery mechanism, which allows an attacker to guess the recovery token in a reasonable time and take over the...
Improper Access Control
github.com/rancher/rancher is vulnerable to Improper Access Control. The vulnerability is due to improper cleanup of roleBindings associated with a user or group when they are removed from a project, allowing former members to continue creating, updating, reading, and deleting namespaces in that...
Path Traversal
CodeChecker is vulnerable to a Path traversal. The vulnerability is due to improper sanitization of ZIP files at the CodeCheckerService@massStoreRun endpoint. An attackers can exploit this by inserting arbitrary files into internal database, which can then be displayed through the Web interface...
Denial Of Service (DoS)
io.crate: crate is vulnerable for Denial Of Service. The vulnerability is due to the server allowing client-initiated renegotiation, which attackers can exploit to repeatedly request renegotiation of security parameters during an ongoing TLS session. This can lead to excessive CPU resource...
Denial Of Service (DoS)
ZenML is vulnerable to a Denial Of Service DoS. The vulnerability is due to improper handling of line feed \n characters in component names, allowing an attacker to cause uncontrolled resource consumption by adding a component through an API endpoint api/v1/workspaces/default/components...
Unrestricted Upload Of File With Dangerous Type
vrana/admine is vulnerable to a Unrestricted Upload Of File With Dangerous Type. The vulnerability is due to the ability to upload a file with a table name of “..” to the root of the Adminer directory, allowing attackers to guess the name of the uploaded file and execute it...
Cross Site Scripting (XSS)
drupal/drupal is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to the issues in the CKEditor library when configured for WYSIWYG editing, allowing attackers to target users with access to CKEditor, including privileged site admins...
Open Redirect
gradio is vulnerable to Open Redirect. The vulnerability is due to improper validation of user-supplied input, allowing attackers to redirect users to arbitrary websites...
Cross Site Scripting (XSS)
ezsystems/ezplatform-admin-ui is vulnerable to Cross Site Scripting XSS. The vulnerability is due to insufficient escaping of user-generated content within parts of the Admin UI, allowing attackers to inject malicious scripts that can then be executed within the context of other users' sessions o...
SQL Injection
opencart/opencart is vulnerable to SQL Injection. The vulnerability is due to insufficient validation in the Divido payment extension, allowing an anonymous unauthenticated user to exploit SQL injection to gain unauthorized access to the backend database...