Güncel Güvenlik Açıkları

JeeCMS 1.0.1 contains a stored cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the commentText parameter. Devamını Oku

FlameCMS 3.3.5 contains a SQL injection vulnerability in /master/article.php via the "Id" parameter. Devamını Oku

FlameCMS 3.3.5 contains a time-based blind SQL injection vulnerability in /account/register.php. Devamını Oku

JeeCMS 1.0.1 contains a stored cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the commentText parameter. Devamını Oku

A stack-based buffer overflow in the httpd server on Tenda AC9 V15.03.06.60_EN allows remote attackers to execute arbitrary code or cause a denial of service (DoS) via a crafted POST request to /goform/SetStaticRouteCfg. Devamını Oku

REINER timeCard 6.05.07 installs a Microsoft SQL Server with an sa password that is hardcoded in the TCServer.jar file. Devamını Oku

libiec_iccp_mod v1.5 contains a heap-buffer-overflow in the component mms_client_example1.c. Devamını Oku

libiec_iccp_mod v1.5 contains a heap-buffer-overflow in the component mms_client_connection.c. Devamını Oku

libiec_iccp_mod v1.5 contains a segmentation violation in the component server_example1.c. Devamını Oku

rudp v0.6 was discovered to contain a memory leak in the component main.c. Devamını Oku

IBM Sterling Order Management 9.4, 9.5, and 10.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199179. Devamını Oku

IBM Cloud Pak for Security (CP4S) 1.7.0.0, 1.7.1.0, 1.7.2.0, and 1.8.0.0 could allow an attacker to perform unauthorized actions due to improper or missing authentication controls. IBM X-Force ID: 199282. Devamını Oku