Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the…

The user and password data base is exposed by an unprotected web server resource. Passwords are hashed with a weak hashing algorithm and therefore allow…

The web server is vulnerable to reflected XSS and therefore an attacker might be able to execute scripts on a client’s computer by sending the…

Login with hash: The login routine allows the client to log in to the system not by using the password, but by using the hash…

Information disclosure: The main configuration, including users and their hashed passwords, is exposed by an unprotected web server resource and can be accessed without authentication.…

Cross site scripting vulnerability in 53KF < 2.0.0.2 that allows for arbitrary code to be executed via crafted HTML statement inserted into chat window. Devamını…

A potential DOS vulnerability was discovered in GitLab EE starting with version 12.6 due to lack of pagination in dependencies API. Devamını Oku

Cross site scripting vulnerability in 53KF < 2.0.0.2 that allows for arbitrary code to be executed via crafted HTML statement inserted into chat window. Devamını…

In “Calibre-webâ€� application, v0.6.0 to v0.6.12, are vulnerable to Stored XSS in “Metadataâ€�. An attacker that has access to edit the metadata information, can inject…

The CM Tooltip Glossary WordPress plugin before 3.9.21 does not escape some glossary_tooltip shortcode attributes, which could allow users a role as low as Contributor…