Day: Şubat 15, 2023

CVE-2022-40016

Use After Free (UAF) vulnerability in ireader media-server before commit 3e0f63f1d3553f75c7d4eb32fa7c7a1976a9ff84 in librtmp, allows attackers to cause a denial of service. Zafiyet ile ilgili Genel…

Devamını oku

CVE-2022-38935

An issue was discovered in NiterForum version 2.5.0-beta in /src/main/java/cn/niter/forum/api/SsoApi.java and /src/main/java/cn/niter/forum/controller/AdminController.java, allows attackers to gain escalated privileges. Zafiyet ile ilgili Genel Bilgi, Etki ve…

Devamını oku

CVE-2022-38868

SQL Injection vulnerability in Ehoney version 2.0.0 in models/protocol.go and models/images.go, allows attackers to execute arbitrary code. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri…

Devamını oku

CVE-2022-38867

SQL Injection vulnerability in rttys versions 4.0.0, 4.0.1, and 4.0.2 in api.go, allows attackers to execute arbitrary code. Zafiyet ile ilgili Genel Bilgi, Etki ve…

Devamını oku

CVE-2021-38239

SQL Injection vulnerability in dataease before 1.2.0, allows attackers to gain sensitive information via the orders parameter to /api/sys_msg/list/1/10. Zafiyet ile ilgili Genel Bilgi, Etki…

Devamını oku

CVE-2021-34117

SQL Injection vulnerability in SEO Panel 4.9.0 in api/user.api.php in function getUserName in the username parameter, allows attackers to gain sensitive information. Zafiyet ile ilgili…

Devamını oku

CVE-2021-33925

SQL Injection vulnerability in nitinparashar30 cms-corephp through commit bdabe52ef282846823bda102728a35506d0ec8f9 (May 19, 2021) allows unauthenticated attackers to gain escilated privledges via a crafted login. Zafiyet ile…

Devamını oku

CVE-2021-33396

Cross Site Request Forgery (CSRF) vulnerability in baijiacms 4.1.4, allows attackers to change the password or other information of an arbitrary account via index.php. Zafiyet…

Devamını oku

CVE-2021-33304

Double Free vulnerability in virtualsquare picoTCP v1.7.0 and picoTCP-NG v2.1 in modules/pico_fragments.c in function pico_fragments_reassemble, allows attackers to execute arbitrary code. Zafiyet ile ilgili Genel…

Devamını oku

CVE-2020-21120

SQL Injection vulnerability in file homecontrolscart.class.php in UQCMS 2.1.3, allows attackers execute arbitrary commands via the cookie_cart parameter to /index.php/cart/num. Zafiyet ile ilgili Genel Bilgi,…

Devamını oku