Tagged: Cybersecurity Alert

CVE-2025-55200

BigBlueButton is an open-source virtual classroom. In versions prior to 3.0.13, the “Shared Notes” feature contains a Stored Cross-Site Scripting (XSS) vulnerability with the input location being the “Username” field and the output location...

CVE-2025-11552

A vulnerability was identified in code-projects Online Complaint Site 1.0. This impacts an unknown function of the file /admin/category.php. Manipulation of the argument Category leads to SQL injection. It is possible to launch...

CVE-2025-11551

A vulnerability was determined in code-projects Student Result Manager 1.0. This affects an unknown function of the file src/students/Database.java. Manipulation of the argument roll/name/gpa causes SQL injection. It is possible to initiate the...

CVE-2025-11573

An infinite loop issue in Amazon.IonDotnet library versions

CVE-2025-60267

In xckk v9.6, the cond parameter in notice/list is not securely filtered, resulting in a SQL injection vulnerability. More information: https://gitee.com/bestfeng/xckk

CVE-2025-11550

A vulnerability was found in Tenda W12 3.0.0.6(3948). The impacted element is the function wifiScheduledSet of the file /goform/modules of the component HTTP Request Handler. The manipulation of the argument wifiScheduledSet results in null...

CVE-2025-60009

An Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the CLI Configlet page that, when visited by another...

CVE-2025-60010

A password aging vulnerability in the RADIUS client of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated, network-based attacker to access the device without enforcing the required password change. Affected devices...

CVE-2025-60266

In xckk v9.6, the orderBy parameter in address/list is not securely filtered, resulting in a SQL injection vulnerability. More information: https://gitee.com/bestfeng/xckk

CVE-2025-60304

code-projects Simple Scheduling System 1.0 is vulnerable to Cross-Site Scripting (XSS) via the Subject Description field. More information: http://code-projects.com

CVE-2025-60001

An Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Generate Report page that, when visited by another...

CVE-2025-60002

An Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Template Definitions page that, when visited by another...

CVE-2025-60004

An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial-Of-Service (DoS)....

CVE-2025-60006

Multiple instances of an Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) vulnerability in the CLI of Juniper Networks Junos OS Evolved could be used to elevate privileges and/or...