Security
Headlines
HeadlinesLatestCVEs

Tag

#auth

CVE-2023-41613: EzViz Studio 2.2.0 DLL Hijacking ≈ Packet Storm

EzViz Studio v2.2.0 is vulnerable to DLL hijacking.

CVE
Open in Source
#ios#windows#microsoft#auth#sap
October CMS 3.4.0 Author Cross Site Scripting

October CMS version 3.4.0 suffers from a persistent cross site scripting vulnerability when a user has author posting capabilities.

PHPJabbers Car Rental 3.0 HTML Injection

PHPJabbers Car Rental version 3.0 suffers from an html injection vulnerability.

PHPJabbers Car Rental 3.0 Cross Site Scripting

PHPJabbers Car Rental version 3.0 suffers from multiple persistent cross site scripting vulnerabilities.

PHPJabbers Car Rental 3.0 CSV Injection

PHPJabbers Car Rental version 3.0 suffers from a CSV injection vulnerability.

R Radio Network FM Transmitter 1.07 system.cgi Password Disclosure

R Radio Network FM Transmitter version 1.07 suffers from an improper access control that allows an unauthenticated actor to directly reference the system.cgi endpoint and disclose the clear-text password of the admin user allowing authentication bypass and FM station setup access.

PHPJabbers Car Rental 3.0 Missing Rate Limit

PHPJabbers Car Rental version 3.0 suffers from a missing rate limiting control that can allow for resource exhaustion.

PHPJabbers Time Slots Booking Calendar 4.0 Missing Rate Limiting

PHPJabbers Time Slots Booking Calendar version 4.0 suffers from a missing rate limiting control that can allow for resource exhaustion.

PHPJabbers Availability Booking Calendar 5.0 Missing Rate Limiting

PHPJabbers Availability Booking Calendar version 5.0 suffers from a missing rate limiting control that can allow for resource exhaustion.

PHPJabbers Shuttle Booking Software 2.0 CSV Injection

PHPJabbers Shuttle Booking Software version 2.0 suffers from a CSV injection vulnerability.