**Description:** Hi team, I would like to report a security vulnerability I discovered on your website. I was able to perform Server-Side Request Forgery (SSRF) attacks via the xmlrpc.php file at http ...
April 14, 2023
lava is vulnerable to Denial Of Service (DoS). The vulnerability exists because the users with valid credentials can submit crafted XMLRPC requests that cause a recursive XML entity expansion, leading ...
March 29, 2023
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Django is a high-level Python Web framework that encourages rapid development and a c ...
March 28, 2023
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-068 advisory. - xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as chec ...
March 22, 2023
- CVE-2023-0567: crypt: Fix validation of malformed BCrypt hashes
- CVE-2023-0568: Fix array overrun when appending slash to paths
- CVE-2023-0662: Fix DoS vulnerability when parsing multipart request ...

March 09, 2023