CVE-2021-42897
A remote command execution (RCE) vulnerability was found in FeMiner wms V1.0 in /wms/src/system/datarec.php. The $_POST[r_name] is directly passed into the $mysqlstr and is executed…
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was…
A SQL injection vulnerability exists in ChurchCRM version 2.0.0 to 4.4.5 that allows an authenticated attacker to issue an arbitrary SQL command to the database…
URL Restriction Bypass in GitHub repository plantuml/plantuml prior to V1.2022.5. An attacker can abuse this to bypass URL restrictions that are imposed by the different…
SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions uses a shared and hard-coded encryption key to store data.
SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions accept a user-controlled input that specifies a link to an external site and uses that link…
Account Takeover in GitHub repository neorazorx/facturascripts prior to 2022.07. Source: National Vulnerability Database
mySCADA myPRO versions prior to 8.20.0 allow an unauthenticated remote attacker to upload arbitrary files to the file system.
mySCADA myPRO versions prior to 8.20.0 do not restrict unauthorized read access to sensitive system information.
mySCADA myPRO versions prior to 8.20.0 do not restrict unauthorized read access to sensitive directory listing information.