Day: Şubat 21, 2023

CVE-2022-45677

SQL Injection Vulnerability in tanujpatra228 Tution Management System (TMS) via the email parameter to processes/student_login.process.php. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını…

Devamını oku

CVE-2022-45564

SQL Injection vulnerability in znfit Home improvement ERP management system V50_20220207,v42 allows attackers to execute arbitrary sql commands via the userCode parameter to the wechat…

Devamını oku

CVE-2022-3353

A vulnerability exists in the IEC 61850 communication stack that affects multiple Hitachi Energy products. An attacker could exploit the vulnerability by using a specially…

Devamını oku

CVE-2022-31394

Hyperium Hyper before 0.14.19 does not allow for customization of the max_header_list_size method in the H2 third-party software, allowing attackers to perform HTTP2 attacks. Zafiyet…

Devamını oku

CVE-2022-4386

The Intuitive Custom Post Order WordPress plugin through 3.1.3 lacks CSRF protection in its update-menu-order ajax action, allowing an attacker to trick any user to…

Devamını oku

CVE-2022-4385

The Intuitive Custom Post Order WordPress plugin through 3.1.3 does not check for authorization in the update-menu-order ajax action, allowing any logged in user (with…

Devamını oku

CVE-2020-36656

The Spectra WordPress plugin before 1.15.0 does not sanitize user input as it reaches its style HTML attribute, allowing contributors to conduct stored XSS attacks…

Devamını oku

CVE-2015-10082

A vulnerability classified as problematic has been found in UIKit0 libplist 1.12. This affects the function plist_from_xml of the file src/xplist.c of the component XML…

Devamını oku