A SQL injection vulnerability exists in the vendor_country parameter of the “vendor print report” feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it d ...
August 09, 2023
A SQL injection vulnerability exists in the “message viewer iframe” feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a SQL query. This a ...
August 09, 2023
A Cross-Site Request Forgery (CSRF) in the System Halt API (/system/halt) of OPNsense before 23.7 allows attackers to cause a Denial of Service (DoS) via a crafted GET request.
August 09, 2023
A SQL injection vulnerability exists in the “reporter events type” feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a SQL query. This al ...
August 09, 2023
A reflected cross-site scripting (XSS) vulnerability in the component /ui/diagnostics/log/core/ of OPNsense before 23.7 allows attackers to inject arbitrary JavaScript via the URL path.
August 09, 2023
A SQL injection vulnerability exists in the “ticket queue watchers” feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a SQL query. This a ...
August 09, 2023
A SQL injection vulnerability exists in the “network print report” feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a SQL query. This al ...
August 09, 2023
OPNsense before 23.7 was discovered to contain insecure permissions in the directory /tmp.
August 09, 2023