Kategori: NIST-Güvenlik Açıkları

CVE-2022-29564

Jamf Private Access before 2022-05-16 has Incorrect Access Control, in which an unauthorized user can reach a system in the internal infrastructure, aka WND-44801. Zafiyet…

Devamını oku

CVE-2022-1991

A vulnerability classified as problematic has been found in Fast Food Ordering System 1.0. Affected is the file Master.php of the Master List. The manipulation…

Devamını oku

CVE-2022-28051

The “Add category” functionality inside the “Global Keywords” menu in “SeedDMS” version 6.0.18 and 5.1.25, is prone to stored XSS which allows an attacker to…

Devamını oku

CVE-2022-28478

SeedDMS 6.0.17 and 5.1.24 are vulnerable to Directory Traversal. The “Remove file” functionality inside the “Log files management” menu does not sanitize user input allowing…

Devamını oku

CVE-2022-28479

SeedDMS versions 6.0.18 and 5.1.25 and below are vulnerable to stored XSS. An attacker with admin privileges can inject the payload inside the “Role management”…

Devamını oku

CVE-2022-29296

A reflected cross-site scripting (XSS) vulnerability in the login portal of Avantune Genialcloud ProJ – 10 allows attackers to execute arbitrary web scripts or HTML…

Devamını oku

CVE-2022-27438

Caphyon Ltd Advanced Installer 19.2 was discovered to contain a remote code execution (RCE) vulnerability via the Update Check function. Zafiyet ile ilgili Genel Bilgi,…

Devamını oku

CVE-2022-29631

Jodd HTTP v6.0.9 was discovered to contain multiple CLRF injection vulnerabilities via the components jodd.http.HttpRequest#set and `jodd.http.HttpRequest#send. These vulnerabilities allow attackers to execute Server-Side Request…

Devamını oku

CVE-2022-30469

In Afian Filerun 20220202, lack of sanitization of the POST parameter “metadata[]” in `/?module=fileman&section=get&page=grid` leads to SQL injection. Zafiyet ile ilgili Genel Bilgi, Etki ve…

Devamını oku

CVE-2020-6220

BI Launchpad and CMC in SAP Business Objects Business Intelligence Platform, versions 4.1, 4.2, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS)…

Devamını oku