A vulnerability has been found in itsourcecode Web-Based Internet Laboratory Management System 1.0. Affected is an unknown function of the file /settings/controller.php. The manipulation leads to sql injection. It is possible to initiate the...
A vulnerability was found in itsourcecode Web-Based Internet Laboratory Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /subject/controller.php. The manipulation results in sql injection. It is possible to...
IBM Planning Analytics Local 2.1.0 through 2.1.14 stores sensitive information in source code could be used in further attacks against the system. More information : https://www.ibm.com/support/pages/node/7251265
IBM Planning Analytics Local 2.1.0 through 2.1.14 could allow a remote authenticated user to traverse directories on the system. An attacker could send a specially crafted URL request containing absolute path sequences to view,...
A vulnerability was detected in itsourcecode Web-Based Internet Laboratory Management System 1.0. This affects an unknown function of the file /enrollment/controller.php. Performing manipulation results in sql injection. The attack is possible to be carried...
A flaw has been found in itsourcecode Web-Based Internet Laboratory Management System 1.0. This impacts an unknown function of the file /user/controller.php. Executing manipulation can lead to sql injection. The attack may be performed...
Freebox v5 HD (firmware = 1.7.20), Freebox v5 Crystal (firmware = 1.7.20), Freebox v6 Révolution r1–r3 (firmware = 4.7.x), Freebox Mini 4K (firmware = 4.7.x), and Freebox One (firmware = 4.7.x) were discovered to...
ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. When the ESP32 is in advertising mode, if it receives a connection request containing an invalid Access Address (AA) of 0x00000000 or 0xFFFFFFFF, advertising...
Glob matches files using patterns the shell uses. Starting in version 10.2.0 and prior to versions 10.5.0 and 11.1.0, the glob CLI contains a command injection vulnerability in its -c/–cmd option that allows arbitrary...
@dependencytrack/frontend is a Single Page Application (SPA) used in Dependency-Track, an open source Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain. Since version 4.12.0, Dependency-Track users...
CWE-78 Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) More information : https://www.gov.il/en/departments/dynamiccollectors/cve_advisories_listing?skip=0
Multiple CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) More information : https://www.gov.il/en/departments/dynamiccollectors/cve_advisories_listing?skip=0
Multiple CWE-352 Cross-Site Request Forgery (CSRF) More information : https://www.gov.il/en/departments/dynamiccollectors/cve_advisories_listing?skip=0
CWE-20 Improper Input Validation More information : https://www.gov.il/en/departments/dynamiccollectors/cve_advisories_listing?skip=0