An issue was discovered in SaltStack Salt in versions before 3002.9, 3003.5, 3004.2. PAM auth fails to reject locked accounts, which allows a previously authorized…

A Spring Data MongoDB application is vulnerable to SpEL Injection when using @Query or @Aggregation-annotated query methods with SpEL expressions that contain query parameter placeholders…

Stored XSS and SQL injection vulnerability in MaxBoard could lead to occur Remote Code Execution, which could lead to information exposure and privilege escalation. Zafiyet…

There is no account authentication and permission check logic in the firmware and existing apps of SiHAS’s SGW-300, ACM-300, GCM-300, so unauthorized users can remotely…

Improper Authentication vulnerability in S&D smarthome(smartcare) application can cause authentication bypass and information exposure. Remote attackers can use this vulerability to take control of the…

Cross Site Scripting (XSS) vulnerability in sourcecodester School File Management System 1.0 via the Firtstname parameter to the Update Account form in student_profile.php. Zafiyet ile…

Laiketui 3.5.0 is affected by an arbitrary file upload vulnerability that can allow an attacker to execute arbitrary code. Zafiyet ile ilgili Genel Bilgi, Etki…

SQL injection exists in LaiKetui v3.5.0 the background administrator list. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database

LaiKetui v3.5.0 has SQL injection in the background through the menu management function, and sensitive data can be obtained. Zafiyet ile ilgili Genel Bilgi, Etki…

A stored cross-site scripting (XSS) vulnerability exists in FlatPress 1.2.1 that allows for arbitrary execution of JavaScript commands through blog content. Zafiyet ile ilgili Genel…