Directory travesal in /northstar/filemanager/download.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote unauthenticated users to download arbitrary files, including JSP source code, across the filesystem of the host of the web application. Devamını Oku
Account Hijacking in /northstar/Admin/changePassword.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote authenticated users to change the password of any targeted user accounts via lack of proper authorization in the user-controlled "userID" parameter of the HTTP POST request. Devamını Oku
Remote Code Execution in cominput.jsp and comoutput.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote unauthenticated users to inject and execute arbitrary system commands via the unsanitized user-controlled "command" and "commandvalues" parameters. Devamını Oku
libjpeg-turbo version 2.0.90 is vulnerable to a heap-buffer-overflow vulnerability in decompress_smooth_data in jdcoefct.c. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
SQL Injection in pear-admin-think version 2.1.2, allows attackers to execute arbitrary code and escalate privileges via crafted GET request to Crud.php. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
Session fixation vulnerability in CuppaCMS thru commit 4c9b742b23b924cf4c1f943f48b278e06a17e297 on November 12, 2019 allows attackers to gain access to arbitrary user sessions. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
A buffer overflow vulnerability in FORMATS!ReadRAS_W+0xa30 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file. Devamını Oku
A buffer overflow vulnerability in FORMATS!Read_Utah_RLE+0x340 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file. Devamını Oku
A buffer overflow vulnerability in FORMATS!Read_Utah_RLE+0x37a of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file. Devamını Oku
A buffer overflow vulnerability in FORMATS!ReadPVR_W+0xfa of Irfanview 4.57 allows attackers to cause a denial of service (DOS) via a crafted PVR file. Devamını Oku
An issue was discovered in JIZHI CMS 1.9.4. There is a CSRF vulnerability that can add an admin account via index, /admin.php/Admin/adminadd.html Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
File upload vulnerability in GFI Mail Archiver versions up to and including 15.1 via insecure implementation of Telerik Web UI plugin which is affected by CVE-2014-2217, and CVE-2017-11317. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database