#vulnerability

DerbyNet version 9.0 suffers from a cross site scripting vulnerability in photo-thumbs.php.

DerbyNet version 9.0 suffers from a cross site scripting vulnerability in checkin.php.

DerbyNet version 9.0 suffers from a cross site scripting vulnerability in photo.php.

DerbyNet version 9.0 suffers from a cross site scripting vulnerability in render-document.php.

Seo Panel version 4.7.0 suffers from a cross site scripting vulnerability.

Human Resource Management System 2024 version 1.0 suffers from a remote SQL injection vulnerability.

Jasmin Ransomware version 1.1 suffers from an arbitrary file read vulnerability.

A remote code execution vulnerability in Gibbon online school platform version 26.0.00 and lower allows remote authenticated users to conduct PHP deserialization attacks via columnOrder in a POST request to the endpoint /modules/System%20Admin/import_run.php&type=externalAssessment&step=4. As it allows remote code execution, adversaries could exploit this flaw to execute arbitrary commands, potentially resulting in complete system compromise, data exfiltration, or unauthorized access to sensitive information.

Red Hat Security Advisory 2024-1686-03 - A new image is available for Red Hat Single Sign-On 7.6.7, running on OpenShift Container Platform 3.10 and 3.11, and 4.3. Issues addressed include an information leakage vulnerability.

Red Hat Security Advisory 2024-1678-03 - An update for nodejs is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a denial of service vulnerability.