SAP PowerDesigner - version 16.7, has improper access control which might allow an unauthenticated attacker to run arbitrary queries against the back-end database via Proxy.
August 08, 2023
PrestaShop is an open source e-commerce web application. Prior to version 8.1.1, SQL injection is possible in the product search field, in BO's product page. Version 8.1.1 contains a patch for this issue ...
August 07, 2023
A vulnerability was found in SourceCodester Inventory Management System 1.0 and classified as critical. This issue affects some unknown processing of the file ex_catagory_data.php. The manipulation of ...
August 07, 2023
`import-in-the-middle` is a module loading interceptor specifically for ESM modules. Prior to version 1.4.2, the `import-in-the-middle` loader works by generating a wrapper module on the fly. The wrap ...
August 07, 2023
Cryptomator encrypts data being stored on cloud infrastructure. The MSI installer provided on the homepage for Cryptomator version 1.9.2 allows local privilege escalation for low privileged users, via ...
August 07, 2023
PrestaShop is an open source e-commerce web application. Prior to version 8.1.1, the `displayAjaxEmailHTML` method can be used to read any file on the server, potentially even outside of the project i ...
August 07, 2023
PrestaShop is an open source e-commerce web application. Versions prior to 1.7.8.10, 8.0.5, and 8.1.1 are vulnerable to cross-site scripting through the `isCleanHTML` method. Versions 1.7.8.10, 8.0.5, ...
August 07, 2023
PrestaShop is an open source e-commerce web application. Versions prior to 1.7.8.10, 8.0.5, and 8.1.1 are vulnerable to remote code execution through SQL injection and arbitrary file write in the back ...
August 07, 2023