It is possible to manipulate the JWT token without the knowledge of the JWT secret and authenticate without valid JWT token as any user. This…

A vulnerability was found in iamdroppy phoenixcf. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file content/2-Community/articles.cfm.…

A vulnerability classified as critical has been found in ale7714 sigeprosi. This affects an unknown part. The manipulation leads to sql injection. The name of…

A vulnerability was found in AlexRed contentmap. It has been rated as critical. Affected by this issue is the function Load of the file contentmap.php.…

A vulnerability was found in ridhoq soundslike. It has been classified as critical. Affected is the function get_song_relations of the file app/api/songs.py. The manipulation leads…

Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 9.2.3.x contain an information disclosure vulnerability. A low privileged remote attacker could…

Plex media server 1.21 and before is vulnerable to ddos reflection attack via plex service. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını…

BlogEngine.NET v3.3.8.0 allows an attacker to create any folder with “files” prefix under ~/App_Data/. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku…

OS Command Injection vulnerability in OKER G955V1 v1.03.02.20161128, allows physical attackers to interrupt the boot sequence and execute arbitrary commands with root privileges. Zafiyet ile…

DDOS reflection amplification vulnerability in eAut module of Ruckus Wireless SmartZone controller that allows remote attackers to perform DOS attacks via crafted request. Zafiyet ile…