#firefox

CVE-2023-28874: Seafile Community Edition - Seafile Admin Manual

The next parameter in the /accounts/login endpoint of Seafile 9.0.6 allows attackers to redirect users to arbitrary sites.

1 year ago

CVE

Open in Source

#sql #xss #web #ios #windows #ubuntu #linux #debian #apache #js #git #perl #ldap #nginx #pdf #oauth #auth #ssh #postgres #firefox

CVE-2023-48824: BoidCMS 2.0.1 Cross Site Scripting ≈ Packet Storm

BoidCMS 2.0.1 is vulnerable to Multiple Stored Cross-Site Scripting (XSS) issues via the title, subtitle, footer, or keywords parameter in a page=create action.

1 year ago

CVE

Open in Source

#xss #vulnerability #web #windows #apache #git #php #auth #firefox

CVE-2023-48823: GaatiTrack Courier Management System 1.0 SQL Injection ≈ Packet Storm

A Blind SQL injection issue in ajax.php in GaatiTrack Courier Management System 1.0 allows an unauthenticated attacker to inject a payload via the email parameter during login.

1 year ago

CVE

Open in Source

#sql #windows #apache #git #php #auth #firefox

Remote code execution vulnerabilities found in Buildroot, Foxit PDF Reader

Cisco Talos has disclosed 10 vulnerabilities over the past two weeks, including nine that exist in a popular online PDF reader that offers a browser plugin.

1 year ago

TALOS

Open in Source

#vulnerability #web #ios #android #mac #windows #google #microsoft #amazon #linux #cisco #java #intel #rce #pdf #chrome #firefox

CVE-2023-24046: Technical Advisory – Multiple Vulnerabilities in Connectize G6 AC2100 Dual Band Gigabit WiFi Router (CVE-2023-24046, CVE-2023-24047, CVE-2023-24048, CVE-2023-24049, CVE-2023-24050, CVE-2023-24051, CVE

An issue was discovered on Connectize AC21000 G6 641.139.1.1256 allows attackers to run arbitrary commands via use of a crafted string in the ping utility.

1 year ago

CVE

Open in Source

#xss #csrf #vulnerability #web #ios #mac #windows #git #java #perl #samba #auth #telnet #firefox #wifi

CVE-2023-48967: A new RCE vulnerability · Issue #226 · noear/solon

Ssolon <= 2.6.0 and <=2.5.12 is vulnerable to Deserialization of Untrusted Data.

1 year ago

CVE

Open in Source

#vulnerability #web #mac #git #java #intel #rce #ldap #firefox

PHPJabbers Appointment Scheduler 3.0 Missing Rate Limiting

PHPJabbers Appointment Scheduler version 3.0 suffers from a missing rate limiting control that can allow for resource exhaustion.

1 year ago

Packet Storm

Open in Source

#web #windows #linux #git #php #perl #auth #firefox #ssl

Ubuntu Security Notice USN-6509-2

Ubuntu Security Notice 6509-2 - USN-6509-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. It was discovered that Firefox did not properly manage memory when images were created on the canvas element. An attacker could potentially exploit this issue to obtain sensitive information. It discovered that Firefox incorrectly handled certain memory when using a MessagePort. An attacker could potentially exploit this issue to cause a denial of service. It discovered that Firefox incorrectly did not properly manage ownership in ReadableByteStreams. An attacker could potentially exploit this issue to cause a denial of service. It discovered that Firefox incorrectly did n...

1 year ago

Packet Storm

Open in Source

#vulnerability #web #ubuntu #dos #perl #firefox

PHPJabbers Car Rental 3.0 Missing Rate Limit

PHPJabbers Car Rental version 3.0 suffers from a missing rate limiting control that can allow for resource exhaustion.

1 year ago

Packet Storm

Open in Source

#web #windows #linux #git #php #perl #auth #firefox #ssl

PHPJabbers Time Slots Booking Calendar 4.0 Missing Rate Limiting

PHPJabbers Time Slots Booking Calendar version 4.0 suffers from a missing rate limiting control that can allow for resource exhaustion.