11/20/2023

Osirix lite 9.5.2

A vulnerability classified as problematic was found in nuxsmin sysPass up to 3.2.4.

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in MedData Informatics MedDataPACS. This issue affects MedDataPACS : before.

Upgrading to version 0.98 is able to address this issue. The manipulation of the argument url leads to cross site scripting. Affected by this issue is the function post of the file lib/api.php.

This issue has been patched in commit `b3ab33bbf7` which is included in the latest version of the Discourse Ye.

A vulnerability was found in Fastly Plugin up to 0.97.

In affected versions a user present in a yearly review topic that is then anonymised will still have some data linked to its original account.

If there is an issue with the request or the credentials, `unauthorized()` or `badRequest()` is called.

discourse-yearly-review is a Discourse plugin which publishes an automated Year in Review topic.

The issue occurs in `authorizationToUser()` in `greader.php`. When using the greader API, the provided password is logged in clear in `users/_/log_api.txt` in the case where the authentication fails.

The problem ha.

FreshRSS is a self-hosted RSS feed aggregator.

An attacker could exploit this to email users URLs to the server's domain but which may contain malicious code. Instances relying on an allow-listed reset URL are vulnerable to an HTML injection attack through the use of query parameters in the reset URL.

Prism Launcher <= 6.1 is vulnerable to Directory Traversal.

Directus is a real-time API and App dashboard for managing SQL database content.