It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent (DSA) has Remote Code Execution vulnerabilities in multiple instances of the API requests. The affected endpoints do not hav ...
Continue Reading10 марта, 2022
Network Olympus version 1.8.0 allows an authenticated admin user to inject SQL queries in '/api/eventinstance' via the 'sqlparameter' JSON parameter. It is also possible to achieve ...
Continue Reading10 марта, 2022
CasaOS before v0.2.7 was discovered to contain a command injection vulnerability via the component leave or join zerotier... ...
Continue Reading10 марта, 2022
Found a potential security vulnerability inside the Pandora API. Affected Pandora FMS version range: all versions of NG version, up to OUM 759. This vulnerability could allow an attacker with authenti ...
Continue Reading10 марта, 2022
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA) AgentDaServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/agent/da/pcf& ...
Continue Reading10 марта, 2022
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent (DSA) uses the ".debug_command.config" file to store a json string that contains a list of IDs and pre-con ...
Continue Reading10 марта, 2022
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA) AgentDiagnosticServlet has directory traversal vulnerability at the "/api/appInternals/1.0/agent/diagn ...
Continue Reading10 марта, 2022
Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. In versions prior to 6.4.8.2 it is possible to modify customers and to create orders without ...
Continue Reading09 марта, 2022
Back to Main