Day: Nisan 28, 2022

CVE-2022-1511

Improper Access Control in GitHub repository snipe/snipe-it prior to 5.4.4. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database

Devamını oku

CVE-2021-43939

Elcomplus SmartPTT is vulnerable when a low-authenticated user can access higher level administration authorization by issuing requests directly to the desired endpoints. Zafiyet ile ilgili…

Devamını oku

CVE-2021-43934

Elcomplus SmartPTT is vulnerable as the backup and restore system does not adequately validate upload requests, enabling a malicious user to potentially upload arbitrary files.…

Devamını oku

CVE-2021-43932

Elcomplus SmartPTT is vulnerable when an attacker injects JavaScript code into a specific parameter that can executed upon accessing the dashboard or the main page.…

Devamını oku

CVE-2021-43930

Elcomplus SmartPTT is vulnerable as the backup and restore system does not adequately validate download requests, enabling malicious users to perform path traversal attacks and…

Devamını oku

CVE-2021-41945

Encode OSS <=1.0.0.beta0 is affected by improper input validation in `httpx.URL`, `httpx.Client` and some functions using `httpx.URL.copy_with`. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri…

Devamını oku

CVE-2021-41921

novel-plus V3.6.1 allows unrestricted file uploads. Unrestricted file suffixes and contents can lead to server attacks and arbitrary code execution. Zafiyet ile ilgili Genel Bilgi,…

Devamını oku

CVE-2022-1509

Sed Injection Vulnerability in GitHub repository hestiacp/hestiacp prior to 1.5.12. An authenticated remote attacker with low privileges can execute arbitrary code under root context. Zafiyet…

Devamını oku