CVE-2021-29358
A buffer overflow vulnerability in FORMATS!ReadPVR_W+0xfa of Irfanview 4.57 allows attackers to cause a denial of service (DOS) via a crafted PVR file. Devamını Oku
A buffer overflow vulnerability in FORMATS!ReadPVR_W+0xfa of Irfanview 4.57 allows attackers to cause a denial of service (DOS) via a crafted PVR file. Devamını Oku
A buffer overflow vulnerability in FORMATS!Read_Utah_RLE+0x37a of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file. Devamını Oku
A buffer overflow vulnerability in FORMATS!Read_Utah_RLE+0x340 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file. Devamını Oku
A buffer overflow vulnerability in FORMATS!ReadRAS_W+0xa30 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file. Devamını Oku
Session fixation vulnerability in CuppaCMS thru commit 4c9b742b23b924cf4c1f943f48b278e06a17e297 on November 12, 2019 allows attackers to gain access to arbitrary user sessions. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
SQL Injection in pear-admin-think version 2.1.2, allows attackers to execute arbitrary code and escalate privileges via crafted GET request to Crud.php. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
libjpeg-turbo version 2.0.90 is vulnerable to a heap-buffer-overflow vulnerability in decompress_smooth_data in jdcoefct.c. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
Remote Code Execution in cominput.jsp and comoutput.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote unauthenticated users to inject and execute arbitrary system commands via the unsanitized user-controlled "command" and "commandvalues" parameters. Devamını Oku
Account Hijacking in /northstar/Admin/changePassword.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote authenticated users to change the password of any targeted user accounts via lack of proper authorization in the user-controlled "userID" parameter of the HTTP POST request. Devamını Oku
Directory travesal in /northstar/filemanager/download.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote unauthenticated users to download arbitrary files, including JSP source code, across the filesystem of the host of the web application. Devamını Oku
Systemic Insecure Permissions in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote unauthenticated users to use various functionalities without authentication. Devamını Oku
Cleartext Transmission of Sensitive Information in /northstar/Admin/login.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote local user to intercept users credentials transmitted in cleartext over HTTP. Devamını Oku