The blog-post creation functionality in the Amasty Blog Pro 2.10.3 plugin for Magento 2 allows injection of JavaScript code in the short_content and full_content fields,…

Data Integrity Failure in ‘Backup Config’ in D-Link DNR-322L <= 2.60B15 allows an authenticated attacker to execute OS level commands on the device. Zafiyet ile…

LINE client for iOS before 12.17.0 might be crashed by sharing an invalid shared key of e2ee in group chat. Zafiyet ile ilgili Genel Bilgi,…

RTL8168FP-CG Dash remote management function has missing authorization. An unauthenticated attacker within the adjacent network can connect to DASH service port to disrupt service. Zafiyet…

RTL8111EP-CG/RTL8111FP-CG DASH function has hard-coded password. An unauthenticated physical attacker can use the hard-coded default password during system reboot triggered by other user, to acquire…

ChurchCRM Version 4.4.5 has XSS vulnerabilities that allow attackers to store XSS via location input Deposit Comment. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri…

ChurchCRM Version 4.4.5 has XSS vulnerabilities that allow attackers to store XSS via location input sHeader. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için…

A remote attacker with general user privilege can inject malicious code in the form content of Raiden MAILD Mail Server website. Other users export form…