User-defined OXMF templates could be used to access a limited part of the internal OX App Suite Java API. The existing switch to disable the feature by default was not effective in this case. Unauthor ...
January 08, 2024
A vulnerability, which was classified as critical, was found in Youke365 up to 1.5.3. Affected is an unknown function of the file /app/api/controller/caiji.php of the component Parameter Handler. The ...
January 08, 2024
A vulnerability has been found in Youke365 up to 1.5.3 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /app/api/controller/collect.php. The manipulat ...
January 08, 2024
CVE-2023-27163: This is a PoC for CVE-2023-27163, which is an SSRF vulnerability present in request-baskets up to v1.2.1. This vulnerability allows attackers to access sensitive network resources via /ap ...
January 07, 2024
A vulnerability was found in OneNav up to 0.9.33. It has been classified as critical. This affects an unknown part of the file /index.php?c=api of the component API. The manipulation of the argument X ...
January 07, 2024
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0004-1 advisor ...
January 05, 2024
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: In all versions of GitLab CE/EE since version 13.6, it is possible to see pending invitations of any ...
January 05, 2024