TechMedia

Category

MODERATE

588 Posts

Featured

Posted by Wpmaster
[vitess.io/vitess] vitess allows users to create keyspaces that can deny access to already existing keyspaces
Posted by Wpmaster
[github.com/answerdev/answer] Answer vulnerable to account takeover because password reset links do not expire
Posted by Wpmaster
[thorsten/phpmyfaq] thorsten/phpmyfaq vulnerable to improper access control
Posted by Wpmaster
[thorsten/phpmyfaq] thorsten/phpmyfaq vulnerable to stored cross-site scripting (XSS) via updatecategory parameter

[org.apache.helix:helix] Apache Helix UI vulnerable to Open Redirect

  • Posted in MODERATE
  • Posted by Wpmaster
  • 12/19/2022, 12/20/2022

URL Redirection to Untrusted Site (‘Open Redirect’) vulnerability in Apache Software Foundation Apache Helix UI component. This issue affects Apache Helix all releases from 0.8.0 to and including 1.0.4. Solution: removed the forward component since …

[django-termsandconditions] Terms and Conditions Module vulnerable to Open Redirect

  • Posted in MODERATE
  • Posted by Wpmaster
  • 12/18/2022, 12/27/2022

A vulnerability has been found in cyface Terms and Conditions Module up to 2.0.10 and classified as problematic. Affected by this vulnerability is the function returnTo of the file termsandconditions/views.py. The manipulation leads to open redirect. T…

[cn.hutool:hutool-core] HuTool vulnerable to Uncontrolled Resource Consumption

  • Posted in MODERATE
  • Posted by Wpmaster
  • 12/17/2022, 12/17/2022

A vulnerability classified as problematic was found in Dromara HuTool up to 5.8.10. This vulnerability affects unknown code of the file cn.hutool.core.util.ZipUtil.java. The manipulation leads to resource consumption. The attack can be initiated remote…

[feehi/feehicms] FeehiCMS Cross Site Scripting vulnerability

  • Posted in MODERATE
  • Posted by Wpmaster
  • 12/16/2022, 12/20/2022

Cross Site Scripting (XSS) vulnerability in Feehi CMS through 2.1.1 allows attackers to run arbitrary code via the user name field of the login page.
References

https://nvd.nist.gov/vuln/detail/CVE-2021-36572
https://github.com/liufee/cms/issues/58
https…

[feehi/feehicms] FeehiCMS Unrestricted Upload vulnerability

  • Posted in MODERATE
  • Posted by Wpmaster
  • 12/16/2022, 12/19/2022

File Upload vulnerability in Feehi CMS through 2.1.1 allows attackers to run arbitrary code via crafted image upload.
References

https://nvd.nist.gov/vuln/detail/CVE-2021-36573
https://github.com/liufee/cms/issues/59
https://github.com/advisories/GHSA-67…

[feehi/feehicms] FeehiCMS Cross Site Scripting vulnerability

  • Posted in MODERATE
  • Posted by Wpmaster
  • 12/16/2022, 12/20/2022

Cross Site Scripting (XSS) vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbitrary code via the username field of the admin login page.
References

https://nvd.nist.gov/vuln/detail/CVE-2022-40000
https://github.com/liufee/cms/issues/6…

[feehi/feehicms] FeehiCMS Cross Site Scripting vulnerability

  • Posted in MODERATE
  • Posted by Wpmaster
  • 12/16/2022, 12/20/2022

Cross Site Scripting (XSS) vulnerability in FeehiCMS 2.1.1 allows remote attackers to run arbitrary code via upload of crafted XML file.
References

https://nvd.nist.gov/vuln/detail/CVE-2022-40373
https://github.com/liufee/cms/issues/67
https://github….

[feehi/feehicms] FeehiCMS Cross Site Scripting vulnerability

  • Posted in MODERATE
  • Posted by Wpmaster
  • 12/16/2022, 12/20/2022

Cross Site Scripting (XSS) vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbitrary code via the title field of the create article page.
References

https://nvd.nist.gov/vuln/detail/CVE-2022-40001
https://github.com/liufee/cms/issues/65…

[feehi/feehicms] FeehiCMS Cross Site Scripting vulnerability

  • Posted in MODERATE
  • Posted by Wpmaster
  • 12/16/2022, 12/20/2022

Cross Site Scripting (XSS) vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbitrary code via the callback parameter to /cms/notify.
References

https://nvd.nist.gov/vuln/detail/CVE-2022-40002
https://github.com/liufee/cms/issues/66
http…

[rfc6902] npm package rfc6902 vulnerable to Prototype Pollution

  • Posted in MODERATE
  • Posted by Wpmaster
  • 12/16/2022, 12/16/2022

A vulnerability classified as problematic has been found in chbrown rfc6902. This affects an unknown part of the file pointer.ts. The manipulation leads to improperly controlled modification of object prototype attributes (‘prototype pollution’). The e…
