Undefined Behavior for Input to API in GitHub repository vim/vim prior to 9.0.0100.
August 09, 2022
## What is an ESG?

Environmental, social, and corporate governance (ESG) documentation is a way to visualize and evaluate how an organization is working for the betterment of social goals and how that ...
August 09, 2022
# Description

Via the `/api/upload/upload-by-url` endpoint it is possible to upload an image via a URL provided by the user. The function that handles this upload doesn't verify or validate the provide ...
August 08, 2022
# Description

The password change function doesn't properly handle the `Change Password` role, allowing any user that has this role enabled to change the password of any user in the system, inclu ...
August 08, 2022
# Description

The login page doesn't have any protection against a brute-force password attack, which allows an attacker to try every possible password combination without any restriction.

# Proof of ...
August 08, 2022
# Description

An unauthenticated user can read and download files of the application system by abusing the `filename` parameter of the `/api/image/cover-upload` endpoint, that is not properly sanitized ...
August 08, 2022