CVE-2017-20141

A vulnerability classified as critical has been found in Itech Movie Portal Script 7.36. This affects an unknown part of the file /movie.php. The manipulation of the argument f leads to sql injection (Union). It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Source: CVE-2017-20141

CVE-2017-20142

A vulnerability classified as critical was found in Itech Movie Portal Script 7.36. This vulnerability affects unknown code of the file /artist-display.php. The manipulation of the argument act leads to sql injection (Union). The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Source: CVE-2017-20142

CVE-2017-20143

A vulnerability, which was classified as critical, has been found in Itech Movie Portal Script 7.36. This issue affects some unknown processing of the file /film-rating.php. The manipulation of the argument v leads to sql injection (Error). The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Source: CVE-2017-20143

CVE-2022-28879

A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant and in certain WithSecure products whereby the scanning the aepack.dll component can crash the scanning engine.

Source: CVE-2022-28879

CVE-2022-28878

A Denial-of-Service vulnerability was discovered in the F-Secure Atlant and in certain WithSecure products while scanning fuzzed APK file it is possible that can crash the scanning engine.

Source: CVE-2022-28878

CVE-2020-14114

information leakage vulnerability exists in the Xiaomi SmartHome APP. This vulnerability is caused by illegal calls of some sensitive JS interfaces, which can be exploited by attackers to leak sensitive information.

Source: CVE-2020-14114

CVE-2020-14126

Information leakage vulnerability exists in the Mi Sound APP. This vulnerability is caused by illegal calls of some sensitive JS interfaces, which can be exploited by attackers to leak sensitive information.

Source: CVE-2020-14126

CVE-2022-2510

Cross-site Scripting (XSS) vulnerability in "Extension:ExtendedSearch" of Hallo Welt! GmbH BlueSpice allows attacker to inject arbitrary HTML (XSS) on page "Special:SearchCenter", using the search term in the URL.

Source: CVE-2022-2510

CVE-2022-2511

Cross-site Scripting (XSS) vulnerability in the "commonuserinterface" component of BlueSpice allows an attacker to inject arbitrary HTML into a page using the title parameter of the call URL.

Source: CVE-2022-2511

CVE-2022-34983

The scu-captcha package in PyPI v0.0.1 to v0.0.4 included a code execution backdoor inserted by a third party.

Source: CVE-2022-34983