βΌ CVE-2015-10042 βΌ
π Read
via "National Vulnerability Database".
** UNSUPPPORTED WHEN ASSIGNED **** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical was found in Dovgalyuk AIBattle. Affected by this vulnerability is the function registerUser of the file site/procedures.php. The manipulation of the argument postLogin leads to sql injection. The name of the patch is 448e9880aac18ae7832f8d065e03e46ce0f1d3e3. It is recommended to apply a patch to fix this issue. The identifier VDB-218305 was assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.π Read
via "National Vulnerability Database".
βΌ CVE-2023-21598 βΌ
π Read
via "National Vulnerability Database".
Adobe InCopy versions 18.0 (and earlier), 17.4 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0298 βΌ
π Read
via "National Vulnerability Database".
Improper Authorization in GitHub repository firefly-iii/firefly-iii prior to 5.8.0.π Read
via "National Vulnerability Database".
βΌ CVE-2023-22602 βΌ
π Read
via "National Vulnerability Database".
When using Apache Shiro before 1.11.0 together with Spring Boot 2.6+, a specially crafted HTTP request may cause an authentication bypass. The authentication bypass occurs when Shiro and Spring Boot are using different pattern-matching techniques. Both Shiro and Spring Boot < 2.6 default to Ant style pattern matching. Mitigation: Update to Apache Shiro 1.11.0, or set the following Spring Boot configuration value: `spring.mvc.pathmatch.matching-strategy = ant_path_matcher`π Read
via "National Vulnerability Database".
βΌ CVE-2022-1812 βΌ
π Read
via "National Vulnerability Database".
Integer Overflow or Wraparound in GitHub repository publify/publify prior to 9.2.10.π Read
via "National Vulnerability Database".
βΌ CVE-2022-2815 βΌ
π Read
via "National Vulnerability Database".
Insecure Storage of Sensitive Information in GitHub repository publify/publify prior to 9.2.10.π Read
via "National Vulnerability Database".
βΌ CVE-2017-20167 βΌ
π Read
via "National Vulnerability Database".
A vulnerability, which was classified as problematic, was found in Minichan. This affects an unknown part of the file reports.php. The manipulation of the argument headline leads to cross site scripting. It is possible to initiate the attack remotely. The name of the patch is fc0e732e58630cba318d6bf49d1388a7aa9d390e. It is recommended to apply a patch to fix this issue. The identifier VDB-217785 was assigned to this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2015-10020 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been found in ssn2013 cis450Project and classified as critical. This vulnerability affects the function addUser of the file HeatMapServer/src/com/datformers/servlet/AddAppUser.java. The manipulation leads to sql injection. The name of the patch is 39b495011437a105c7670e17e071f99195b4922e. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-218380.π Read
via "National Vulnerability Database".
βΌ CVE-2015-10043 βΌ
π Read
via "National Vulnerability Database".
A vulnerability, which was classified as critical, was found in abreen Apollo. This affects an unknown part. The manipulation of the argument file leads to path traversal. The name of the patch is 6206406630780bbd074aff34f4683fb764faba71. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218307.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0302 βΌ
π Read
via "National Vulnerability Database".
Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository radareorg/radare2 prior to 5.8.2.π Read
via "National Vulnerability Database".
π1
βΌ CVE-2023-23590 βΌ
π Read
via "National Vulnerability Database".
Mercedes-Benz XENTRY Retail Data Storage 7.8.1 allows remote attackers to cause a denial of service (device restart) via an unauthenticated API request. The attacker must be on the same network as the device.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0303 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in SourceCodester Online Food Ordering System. It has been rated as critical. Affected by this issue is some unknown functionality of the file view_prod.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-218384.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0304 βΌ
π Read
via "National Vulnerability Database".
A vulnerability classified as critical has been found in SourceCodester Online Food Ordering System. This affects an unknown part of the file admin_class.php of the component Signup Module. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-218385 was assigned to this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0305 βΌ
π Read
via "National Vulnerability Database".
A vulnerability classified as critical was found in SourceCodester Online Food Ordering System. This vulnerability affects unknown code of the file admin_class.php of the component Login Module. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-218386 is the identifier assigned to this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2015-10049 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in Overdrive EletrΓΒ΄nica course-builder up to 1.7.x and classified as problematic. Affected by this issue is some unknown functionality of the file coursebuilder/modules/oeditor/oeditor.html. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 1.8.0 is able to address this issue. The name of the patch is e39645fd714adb7e549908780235911ae282b21b. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-218372.π Read
via "National Vulnerability Database".
βΌ CVE-2015-10051 βΌ
π Read
via "National Vulnerability Database".
A vulnerability, which was classified as critical, has been found in bony2023 Discussion-Board. Affected by this issue is the function display_all_replies of the file functions/main.php. The manipulation of the argument str leads to sql injection. The name of the patch is 26439bc4c63632d63ba89ebc0f149b25a9010361. It is recommended to apply a patch to fix this issue. VDB-218378 is the identifier assigned to this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2015-10050 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in brandonfire miRNA_Database_by_PHP_MySql. It has been declared as critical. This vulnerability affects the function __construct/select_single_rna/count_rna of the file inc/model.php. The manipulation leads to sql injection. The name of the patch is 307c5d510841e6142ddcbbdbb93d0e8a0dc3fd6a. It is recommended to apply a patch to fix this issue. VDB-218374 is the identifier assigned to this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0314 βΌ
π Read
via "National Vulnerability Database".
Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.10.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0310 βΌ
π Read
via "National Vulnerability Database".
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.10.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0311 βΌ
π Read
via "National Vulnerability Database".
Improper Authentication in GitHub repository thorsten/phpmyfaq prior to 3.1.10.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0307 βΌ
π Read
via "National Vulnerability Database".
Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.10.π Read
via "National Vulnerability Database".