Command Injection in Simiki v1.6.2.1 and prior allows remote attackers to execute arbitrary system commands via line 64 of the component 'simiki/blob/master/simiki/config.py'. Devamını Oku

Cross Site Scripting (XSS) in Mezzanine v4.3.1 allows remote attackers to execute arbitrary code via the 'Description' field of the component 'admin/blog/blogpost/add/'. This issue is…

Multiple Cross Site Scripting (XSS) vulneratiblities exist in Cacti 1.2.12 in (1) reports_admin.php, (2) data_queries.php, (3) datat.ph_inpup, (4) graph_templates.php, (5) graphs.php, (6) reports_admin.php, and (7)…

This affects the package object-path before 0.11.6. A type confusion vulnerability can lead to a bypass of CVE-2020-15256 when the path components used in the…

Nuishop v2.3 contains a SQL injection vulnerability in /goods/getGoodsListByConditions/. Devamını Oku

Nuishop v2.3 contains a SQL injection vulnerability in /goods/getGoodsListByConditions/. Devamını Oku

Cross Site Scripting (XSS) vulnerabilty exists in BigTree-CMS 4.4.3 in the tag name field found in the Tags page under the General menu via a…

Cross Site Scripting (XSS) vulnerability exists in qdPM 9.1 in the Heading field found in the Login Page page under the General menu via a…

Stored cross-site scripting (XSS) vulnerability in the Copyright Text field found in the Application page under the Configuration menu in Rukovoditel 2.4.1 allows remote attackers…

Stored cross-site scripting (XSS) vulnerability in the Name of application field found in the General Configuration page in Rukovoditel 2.4.1 allows remote attackers to inject…