KDiskMark before 3.1.0 lacks authorization checking for D-Bus methods such as Helper::flushPageCache.Read More ...
Continue ReadingSeptember 14, 2022
Hospital Information System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.Read More ...
Continue ReadingSeptember 14, 2022
PayMoney 3.3 is vulnerable to Stored Cross-Site Scripting (XSS) during replying the ticket. The XSS can be obtain from injecting under "Message" field with "description" parameter with the specially c ...
Continue ReadingSeptember 14, 2022
Loan Management System 1.0 is vulnerable to SQL Injection at the login page, which allows unauthorized users to login as Administrator after injecting username form.Read More ...
Continue ReadingSeptember 14, 2022
Loan Management System version 1.0 suffers from a persistent cross site scripting vulnerability.Read More ...
Continue ReadingSeptember 14, 2022
PayMoney 3.3 is vulnerable to Client Side Remote Code Execution (RCE). The vulnerability exists on the reply ticket function and upload the malicious file. A calculator will open when the victim who d ...
Continue ReadingSeptember 14, 2022
An unauthenticated user can create a link with reflected Javascript code inside the backurl parameter and send it to other authenticated users in order to create a fake account with predefined login, ...
Continue ReadingSeptember 14, 2022
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...
Continue ReadingSeptember 14, 2022
Back to Main