Kategori: NIST-Təhlükəsizlik Zəiflikləri

CVE-2023-43624

CX-Designer Ver.3.740 and earlier (included in CX-One CXONE-AL[][]D-V4) contains an improper restriction of XML external entity reference (XXE) vulnerability. If a user opens a specially…

Devamını oku

CVE-2021-46897

views.py in Wagtail CRX CodeRed Extensions (formerly CodeRed CMS or coderedcms) before 0.22.3 allows upward protected/..%2f..%2f path traversal when serving protected media. Zafiyet ile ilgili…

Devamını oku

CVE-2021-46898

views/switch.py in django-grappelli (aka Django Grappelli) before 2.15.2 attempts to prevent external redirection with startswith(“/”) but this does not consider a protocol-relative URL (e.g., //example.com)…

Devamını oku

CVE-2023-38276

IBM Cognos Dashboards on Cloud Pak for Data 4.7.0 exposes sensitive information in environment variables which could aid in further attacks against the system. IBM…

Devamını oku

CVE-2023-38275

IBM Cognos Dashboards on Cloud Pak for Data 4.7.0 exposes sensitive information in container images which could lead to further attacks against the system. IBM…

Devamını oku

CVE-2023-38193

An issue was discovered in SuperWebMailer 9.00.0.01710. It allows Remote Code Execution via a crafted sendmail command line. Zafiyet ile ilgili Genel Bilgi, Etki ve…

Devamını oku

CVE-2023-38194

An issue was discovered in SuperWebMailer 9.00.0.01710. It allows keepalive.php XSS via a GET parameter. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını…

Devamını oku

CVE-2023-38190

An issue was discovered in SuperWebMailer 9.00.0.01710. It allows Export SQL Injection via the size parameter. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için…

Devamını oku