Cybereason EDR version 19.1.282 and above, 19.2.182 and above, 20.1.343 and above, and 20.2.X and above has a DLL hijacking vulnerability, which could allow a local attacker to execute code with elevated privileges. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
6Kare Emakin 5.0.341.0 is affected by Cross Site Scripting (XSS) via the /rpc/membership/setProfile DisplayName field, which is mishandled when rendering the Activity Stream page. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
An issue was discovered in function sync_tree in hetero_decision_tree_guest.py in WeBank FATE (Federated AI Technology Enabler) 0.1 through 1.4.2 allows attackers to read sensitive information during the training process of machine learning joint modeling. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
The “Subscribeâ€� feature in Ultimate Booking System Booking Core 1.7.0 is vulnerable to CSV formula injection. The input containing the excel formula is not being sanitized by the application. As a result when admin in backend download and open the csv, content of the cells are executed. Devamını Oku
The “Subscribeâ€� feature in Ultimate Booking System Booking Core 1.7.0 is vulnerable to CSV formula injection. The input containing the excel formula is not being sanitized by the application. As a result when admin in backend download and open the csv, content of the cells are executed. Devamını Oku
Cross Site Scripting (XSS) vulnerability in Booking Core – Ultimate Booking System Booking Core 1.7.0 via the (1) "About Yourselfâ€� section under the “My Profileâ€� page, " (2) “Hotel Policyâ€� field under the “Hotel Detailsâ€� page, (3) “Pricing codeâ€� and “nameâ€� fields under the “Manage Tourâ€� page, and (4) all the labels under the “Menuâ€�…
A Null pointer dereference vulnerability exits in MP4Box – GPAC version 0.8.0-rev177-g51a8ef874-master via the gf_isom_get_track_id function, which causes a denial of service. Devamını Oku
A cross site scripting (XSS) vulnerability in menuedit.php of Mara CMS 7.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. Devamını Oku
A cross site scripting (XSS) vulnerability in menuedit.php of Mara CMS 7.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. Devamını Oku
A local file inclusion vulnerability was discovered in the captcha function in Monstra 3.0.4 which allows remote attackers to execute arbitrary PHP code. Devamını Oku
A local file inclusion vulnerability was discovered in the captcha function in Monstra 3.0.4 which allows remote attackers to execute arbitrary PHP code. Devamını Oku
Projectworlds Online Examination System 1.0 is vulnerable to CSRF, which allows a remote attacker to delete the existing user. Devamını Oku