[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

247085

 
 

909

 
 

194218

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 245636 Download | Alert*

In ThinkPHP 5.1.24, the inner function delete can be used for SQL injection when its WHERE condition's value can be controlled by a user's request.

Jekyll through 3.6.2, 3.7.x through 3.7.3, and 3.8.x through 3.8.3 allows attackers to access arbitrary files by specifying a symlink in the "include" key in the "_config.yml" file.

utils/ut_rpc.c in ViaBTC Exchange Server before 2018-08-21 has an integer overflow leading to memory corruption.

network/nw_buf.c in ViaBTC Exchange Server before 2018-08-21 has an integer overflow leading to memory corruption.

IBM Security Identity Governance and Intelligence 5.2.3.2 and 5.2.4 could allow an attacker to obtain sensitive information due to missing authentication in IGI for the survey application. IBM X-Force ID: 148601.

utils/ut_ws_svr.c in ViaBTC Exchange Server before 2018-08-21 has an integer overflow leading to memory corruption.

Vanilla before 2.6.1 allows XSS via the email field of a profile.

InfluxDB 0.9.5 has Reflected XSS in the Write Data module.

The Wp-Insert plugin through 2.4.2 for WordPress allows upload of arbitrary PHP code because of the exposure and configuration of FCKeditor under fckeditor/editor/filemanager/browser/default/browser.html, fckeditor/editor/filemanager/connectors/test.html, and fckeditor/editor/filemanager/connectors/uploadtest.html.

An issue was discovered in YMFE YApi 1.3.23. There is stored XSS in the name field of a project.


Pages:      Start    10147    10148    10149    10150    10151    10152    10153    10154    10155    10156    10157    10158    10159    10160    ..   24563

© SecPod Technologies