Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in David F. Carr RSVPMaker rsvpmaker allows SQL Injection.This issue affects RSVPMaker:…

Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in LearnDash LearnDash LMS allows SQL Injection.This issue affects LearnDash LMS: from…

Improper file verification vulnerability in SaAT Netizen installer ver.1.2.0.424 and earlier, and SaAT Netizen ver.1.2.0.8 (Build427) and earlier allows a remote unauthenticated attacker to conduct…

** UNSUPPPORTED WHEN ASSIGNED ** The vulnerability exists in Syska SW100 Smartwatch due to an improper implementation and/or configuration of Nordic Device Firmware Update (DFU)…

LINE for Android version 5.0.2 and earlier and LINE for iOS version 5.0.0 and earlier are vulnerable to MITM (man-in-the-middle) attack since the application allows…

LINE@ for Android version 1.0.0 and LINE@ for iOS version 1.0.0 are vulnerable to MITM (man-in-the-middle) attack since the application allows non-SSL/TLS communications. As a…

SQL injection vulnerability found in PrestaShop themevolty v.4.0.8 and before allow a remote attacker to gain privileges via the tvcmsblog, tvcmsvideotab, tvcmswishlist, tvcmsbrandlist, tvcmscategorychainslider, tvcmscategoryproduct,…

JHipster generator-jhipster before 2.23.0 allows a timing attack against validateToken due to a string comparison that stops at the first character that is different. Attackers…

A stored XSS in the process overview (bersicht zugewiesener Vorgaenge) in mbsupport openVIVA c2 20220101 allows a remote, authenticated, low-privileged attacker to execute arbitrary code…

tinyfiledialogs (aka tiny file dialogs) before 3.8.0 allows shell metacharacters in titles, messages, and other input data. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri…