This vulnerability exists in Shilpi Client Dashboard due to lack of rate limiting and Captcha protection for OTP requests in a certain API endpoint. An unauthenticated remote attacker could exploit this ...
October 04, 2024
This vulnerability exists in Shilpi Client Dashboard due to missing restrictions for incorrect login attempts on its API based login. A remote attacker could exploit this vulnerability by conducting a ...
October 04, 2024
This vulnerability exists in Shilpi Client Dashboard due to missing restrictions for incorrect login attempts on its API based login. A remote attacker could exploit this vulnerability by conducting a ...
October 04, 2024
According to its self-reported version number, the version of Jenkins running on the remote web server is Jenkins LTS prior to 2.462.3 or Jenkins weekly prior to 2.479. It is, therefore, affected ...
October 04, 2024
Summary: A user with admin permission can read and download arbitrary zip files when downloading auto backups. The file name used to identify the zip file is not properly sanitized when passed to res.d ...
October 04, 2024
Summary: When creating a new plugin using the git source, the user-controlled value req.body.name is used to build the plugin directory where the location will be cloned. The API used to execute the gi ...
October 04, 2024
Summary: A user with admin permission can read and download arbitrary zip files when downloading auto backups. The file name used to identify the zip file is not properly sanitized when passed to res.d ...
October 03, 2024
Summary: When creating a new plugin using the git source, the user-controlled value req.body.name is used to build the plugin directory where the location will be cloned. The API used to execute the gi ...
October 03, 2024