Sourcecodester Faculty Evaluation System v1.0 is vulnerable to arbitrary code execution via ip/eval/ajax.php?action=update_user.
June 06, 2023
In Harmonic NSG 9000-6G devices, an authenticated remote user can obtain source code by directly requesting a special path.
June 06, 2023
In Percona Monitoring and Management (PMM) server 2.x before 2.37.1, the authenticate function in auth_server.go does not properly formalize and sanitize URL paths to reject path traversal attempts. T ...
June 06, 2023
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...
June 06, 2023
CloudPanel v2.2.2 allows attackers to execute a path traversal.
June 06, 2023
The AES Key-IV pair used by the TP-Link TAPO C200 camera V3 (EU) on firmware version 1.1.22 Build 220725 is reused across all cameras. An attacker with physical access to a camera is able to extract a ...
June 06, 2023
fast-xml-parser is an open source, pure JavaScript XML parser. fast-xml-parser allows special characters in entity names, which are not escaped or sanitized. Since the entity name is used for creating ...
June 06, 2023
Grafana is an open-source platform for monitoring and observability. Using public dashboards users can query multiple distinct data sources using mixed queries. However such query has a possibility o ...
June 06, 2023