CVE-2021-29115 (arcgis_enterprise)
An information disclosure vulnerability in the ArcGIS Service Directory in Esri ArcGIS Enterprise versions 10.9.0 and below may allows a remote attacker to view hidden…
An information disclosure vulnerability in the ArcGIS Service Directory in Esri ArcGIS Enterprise versions 10.9.0 and below may allows a remote attacker to view hidden…
A remote file inclusion vulnerability in the ArcGIS Server help documentation may allow a remote, unauthenticated attacker to inject attacker supplied html into a page.…
b2evolution CMS v7.2.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the User login page. This vulnerability allows attackers to escalate privileges. Devamını…
b2evolution CMS v7.2.3 was discovered to contain a SQL injection vulnerability via the parameter cfqueryparam in the User login section. This vulnerability allows attackers to…
b2evolution CMS v7.2.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the User login page. This vulnerability allows attackers to escalate privileges. Devamını…
b2evolution CMS v7.2.3 was discovered to contain a SQL injection vulnerability via the parameter cfqueryparam in the User login section. This vulnerability allows attackers to…
Assuming a database breach, nonce reuse issues in GitLab 11.6+ allows an attacker to decrypt some of the database's encrypted content Devamını Oku
Assuming a database breach, nonce reuse issues in GitLab 11.6+ allows an attacker to decrypt some of the database's encrypted content Devamını Oku
Serv-U server responds with valid CSRFToken when the request contains only Session. Devamını Oku
When a user has admin rights in Serv-U Console, the user can move, create and delete any files are able to be accessed on the…