Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2020-22226: Phpjabbers Fundraising Script 1.0 - Pastebin.com

Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerability via the pjActionSetAmount function.

CVE
#sql#vulnerability

Related news

CVE-2021-42770: OPNsense 21.7.4 released - OPNsense® is a true open source firewall and more

A Cross-site scripting (XSS) vulnerability was discovered in OPNsense before 21.7.4 via the LDAP attribute return in the authentication tester.

CVE-2020-22225: Phpjabbers Fundraising Script 1.0 - Pastebin.com

Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerability via the pjActionLoadForm function.

CVE-2020-22223: Phpjabbers Fundraising Script 1.0 - Pastebin.com

Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerability via the pjActionLoad function.

CVE-2020-22224: Phpjabbers Fundraising Script 1.0 - Pastebin.com

Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the pjActionPreview function.

CVE-2020-22222: Phpjabbers Fundraising Script 1.0 - Pastebin.com

Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the pjActionLoadCss function.

CVE-2021-3545: 1958955 – (CVE-2021-3545) CVE-2021-3545 QEMU: vhost-user-gpu: information disclosure due to uninitialized memory read

An information disclosure vulnerability was found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0. The flaw exists in virgl_cmd_get_capset_info() in contrib/vhost-user-gpu/virgl.c and could occur due to the read of uninitialized memory. A malicious guest could exploit this issue to leak memory from the host.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907