Kategori: NIST-Təhlükəsizlik Zəiflikləri

CVE-2021-44096

EGavilan Media User-Registration-and-Login-System-With-Admin-Panel 1.0 is vulnerable to SQL Injection via profile_action – update_user. This allows a remote attacker to compromise Application SQL database. Zafiyet ile…

Devamını oku

CVE-2021-44097

EGavilan Media Contact-Form-With-Messages-Entry-Management 1.0 is vulnerable to SQL Injection via Addmessage.php. This allows a remote attacker to compromise Application SQL database. Zafiyet ile ilgili Genel…

Devamını oku

CVE-2021-44098

EGavilan Media Expense-Management-System 1.0 is vulnerable to SQL Injection via /expense_action.php. This allows a remote attacker to compromise Application SQL database. Zafiyet ile ilgili Genel…

Devamını oku

CVE-2021-42202

An issue was discovered in swftools through 20201222. A NULL pointer dereference exists in the function swf_DeleteFilter() located in swffilter.c. It allows an attacker to…

Devamını oku

CVE-2021-42203

An issue was discovered in swftools through 20201222. A heap-use-after-free exists in the function swf_FontExtract_DefineTextCallback() located in swftext.c. It allows an attacker to cause code…

Devamını oku

CVE-2021-42204

An issue was discovered in swftools through 20201222. A heap-buffer-overflow exists in the function swf_GetBits() located in rfxswf.c. It allows an attacker to cause code…

Devamını oku

CVE-2021-42872

TOTOLINK EX1200T V4.1.2cu.5215 is affected by a command injection vulnerability that can remotely execute arbitrary code. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için…

Devamını oku

CVE-2021-43306

An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the jquery-validation npm package, when an attacker is able to supply arbitrary input…

Devamını oku

CVE-2021-34084

OS command injection vulnerability in Turistforeningen node-s3-uploader through 2.0.3 for Node.js allows attackers to execute arbitrary commands via the metadata() function. Zafiyet ile ilgili Genel…

Devamını oku