An insufficient session expiration vulnerability in FortiSandbox versions 3.2.1 and below may allow an attacker to reuse the unexpired admin user session IDs to gain…

This affects all versions of package sqlite-web. The SQL dashboard area allows sensitive actions to be performed without validating that the request originated from the…

BlueCMS v1.6 contains a SQL injection vulnerability via /ad_js.php. Devamını Oku

phpwcms v1.9 contains a cross-site scripting (XSS) vulnerability in /image_zoom.php. Devamını Oku

BlueCMS v1.6 contains a SQL injection vulnerability via /ad_js.php. Devamını Oku

phpwcms v1.9 contains a cross-site scripting (XSS) vulnerability in /image_zoom.php. Devamını Oku

An issue in the noReentrance() modifier of the Ethereum-based contract Accounting 1.0 allows attackers to carry out a reentrancy attack. Devamını Oku

The time check operation of PepeAuctionSale 1.0 can be rendered ineffective by assigning a large number to the _duration variable, compromising access control to the…

A lack of target address verification in the destroycontract() function of 0xRACER 1.0 allows attackers to steal tokens from victim users via a crafted script.…

A lack of target address verification in the selfdestructs() function of ICOVO 1.0 allows attackers to steal tokens from victim users via a crafted script.…