Two potential buffer overflow vulnerabilities at the following locations in the Zephyr eS-WiFi driver source code. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için…

A reflected cross-site scripting (XSS) vulnerability in the data[redirect_url] parameter of mooSocial v3.1.8 allows attackers to steal user’s session cookies and impersonate their account via…

A Cross-Site Request Forgery (CSRF) in admin_manager.php of Seacms up to v12.8 allows attackers to arbitrarily add an admin account. Zafiyet ile ilgili Genel Bilgi,…

An issue in TPLink Smart bulb Tapo series L530 v.1.0.0 and Tapo Application v.2.8.14 allows a remote attacker to obtain sensitive information via session key…

In Bluetooth mesh implementation If provisionee has a public key that is sent OOB then during provisioning it can be sent back and will be…

mooSocial v3.1.8 was discovered to contain a cross-site scripting (XSS) vulnerability via the change email function. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için…

szvone vmqphp <=1.13 is vulnerable to SQL Injection. Unauthorized remote users can use sql injection attacks to obtain the hash of the administrator password. Zafiyet…

An issue in Service Provider Management System v.1.0 allows a remote attacker to gain privileges via the ID parameter in the /php-spms/admin/?page=user/ endpoint. Zafiyet ile…

Cross-site scripting (XSS) vulnerability in Froala Froala Editor v.4.1.1 allows remote attackers to execute arbitrary code via the ‘Insert link’ parameter in the ‘Insert Image’…