Versions of the package blamer before 1.0.4 are vulnerable to Arbitrary Argument Injection via the blameByFile() API. The library does not sanitize for user input…

NATS nats-server 2.2.0 through 2.7.4 allows directory traversal because of an unintended path to a management action from a management account. Zafiyet ile ilgili Genel…

SQL Injection vulnerability in SearchTextBox parameter in Fortra (Formerly HelpSystems) DeliverNow before version 1.2.18, allows attackers to execute arbitrary code, escalate privileges, and gain sensitive…

An information leak in TonTon-Tei_waiting Line v13.6.1 allows attackers to obtain the channel access token and send crafted messages. Zafiyet ile ilgili Genel Bilgi, Etki…

An information leak in youmart-tokunaga v13.6.1 allows attackers to obtain the channel access token and send crafted messages. Zafiyet ile ilgili Genel Bilgi, Etki ve…

An information leak in Coffee-jumbo v13.6.1 allows attackers to obtain the channel access token and send crafted messages. Zafiyet ile ilgili Genel Bilgi, Etki ve…

Cross Site Scripting (XSS) vulnerability in Neos CMS 8.3.3 allows a remote authenticated attacker to execute arbitrary code via a crafted SVG file to the…

** UNSUPPPORTED WHEN ASSIGNED ** The web application that owns the device clearly stores the credentials within the user management section. Obtaining this information can…

** UNSUPPPORTED WHEN ASSIGNED ** Thanks to the weaknesses that the web application has at the user management level, an attacker could obtain the information…

An information leak in YKC Tokushima_awayokocho Line v13.6.1 allows attackers to obtain the channel access token and send crafted messages. Zafiyet ile ilgili Genel Bilgi,…