The Managentities plugin before 4.0.2 for GLPI allows reading local files via directory traversal in the inc/cri.class.php file parameter. Zafiyet ile ilgili Genel Bilgi, Etki…

The Activity plugin before 3.1.1 for GLPI allows reading local files via directory traversal in the front/cra.send.php file parameter. Zafiyet ile ilgili Genel Bilgi, Etki…

front/icon.send.php in the CMDB plugin before 3.0.3 for GLPI allows attackers to gain read access to sensitive information via a _log/ pathname in the file…

ENTAB ERP 1.0 allows attackers to discover users’ full names via a brute force attack with a series of student usernames such as s10000 through…

In the External Redirect Warning Plugin 1.3 for MyBB, the redirect URL (aka external.php?url=) is vulnerable to XSS. Zafiyet ile ilgili Genel Bilgi, Etki ve…

Dreamer CMS 4.0.1 allows SQL injection via ArchivesMapper.xml. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database

On D-Link DIR-819 Firmware Version 1.06 Hardware Version A1 devices, it is possible to trigger a Denial of Service via the sys_token parameter in a…

Linksys AX3200 1.1.00 is vulnerable to OS command injection by authenticated users via shell metacharacters to the diagnostics traceroute page. Zafiyet ile ilgili Genel Bilgi,…

cgi-bin/xmlstatus.cgi in Güralp MAN-EAM-0003 3.2.4 is vulnerable to an XML External Entity (XXE) issue via XML file upload, which leads to local file disclosure. Zafiyet…

OX App Suite before 7.10.6-rev30 allows XSS via an upsell trigger. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability…