org.opendaylight.aaa:aaa-idm-store-h2 is vulnerable to SQL Injection attacks. A specifically crafted attack statement through the `deleteRole` function in `RoleStore.java` allows a malicious user to i ...
Continue Reading
November 28, 2022
### Impact On sites where members is enabled (this is the default) it is possible for members (unprivileged users) to make changes to newsletter settings. This gives unprivileged users the ability to ...
Continue Reading
November 28, 2022
The user_token authorization header on the Ourphoto App version 1.4.1 /apiv1/* end-points is not implemented properly. Removing the value causes all requests to succeed, bypassing authorization and se ...
Continue Reading
November 28, 2022
### Impact On sites where members is enabled (this is the default) it is possible for members (unprivileged users) to make changes to newsletter settings. This gives unprivileged users the ability to ...
Continue Reading
November 28, 2022
Wordfence 7.8.0 is out! A huge thanks to our quality assurance team, our team of developers and our ops team for planning, implementing and releasing Wordfence 7.8.0. This release has several fixes to ...
Continue Reading
November 28, 2022
A command injection vulnerability exists in Belkin Wemo. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected...Read More ...
Continue Reading
November 28, 2022
[ 
Back to Main
