OX App Suite before 7.10.6-rev30 allows SSRF because changing a POP3 account disregards the deny-list. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını…

OX App Suite before 7.10.6-rev30 allows SSRF because e-mail account discovery disregards the deny-list and thus can be attacked by an adversary who controls the…

A SQL injection vulnerability in rConfig 3.9.7 exists via lib/ajaxHandlers/ajaxCompareGetCmdDates.php?command= (this may interact with secure-file-priv). Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını…

The IEEE 802.11 specifications through 802.11ax allow physically proximate attackers to intercept (possibly cleartext) target-destined frames by spoofing a target’s MAC address, sending Power Save…

X2CRM Open Source Sales CRM 6.6 and 6.9 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the adin/importModels Import Records Model field…

X2CRM Open Source Sales CRM 6.6 and 6.9 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Create Action function, aka an…

x509/x509_verify.c in LibreSSL before 3.4.2, and OpenBSD before 7.0 errata 006, allows authentication bypass because an error for an unverified certificate chain is sometimes discarded.…

There exists an open redirect within the response list update functionality of ServiceNow. This allows attackers to redirect users to arbitrary domains when clicking on…

Arbitrary file reading vulnerability in Apache Software Foundation Apache OFBiz when using the Solr plugin. This is a  pre-authentication attack. This issue affects Apache OFBiz:…

Improper Authorization vulnerability in ForgeRock Inc. Access Management allows Authentication Bypass.This issue affects Access Management: from 6.5.0 through 7.2.0. Zafiyet ile ilgili Genel Bilgi, Etki…