» 2023 » 1월

CVE-2023-0306

Posted on 2023년 1월 16일2023년 1월 16일 by admin

CVE-2023-0306

Cross-site Scripting (XSS) – Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.10.

Source: CVE-2023-0306

CVE-2023-0308

Posted on 2023년 1월 16일2023년 1월 16일 by admin

CVE-2023-0308

Cross-site Scripting (XSS) – Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.10.

Source: CVE-2023-0308

CVE-2023-0309

Posted on 2023년 1월 16일2023년 1월 16일 by admin

CVE-2023-0309

Cross-site Scripting (XSS) – Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.10.

Source: CVE-2023-0309

CVE-2023-0307

Posted on 2023년 1월 16일2023년 1월 16일 by admin

CVE-2023-0307

Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.10.

Source: CVE-2023-0307

CVE-2023-0313

Posted on 2023년 1월 16일2023년 1월 16일 by admin

CVE-2023-0313

Cross-site Scripting (XSS) – Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.10.

Source: CVE-2023-0313

CVE-2023-0310

Posted on 2023년 1월 16일2023년 1월 16일 by admin

CVE-2023-0310

Cross-site Scripting (XSS) – Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.10.

Source: CVE-2023-0310

CVE-2018-25075

Posted on 2023년 1월 16일2023년 1월 16일 by admin

CVE-2018-25075

A vulnerability classified as critical has been found in karsany OBridge up to 1.3. Affected is the function getAllStandaloneProcedureAndFunction of the file obridge-main/src/main/java/org/obridge/dao/ProcedureDao.java. The manipulation leads to sql injection. Upgrading to version 1.4 is able to address this issue. The name of the patch is 52eca4ad05f3c292aed3178b2f58977686ffa376. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-218376.

Source: CVE-2018-25075

CVE-2016-15019

Posted on 2023년 1월 16일2023년 1월 16일 by admin

CVE-2016-15019

A vulnerability was found in tombh jekbox. It has been rated as problematic. This issue affects some unknown processing of the file lib/server.rb. The manipulation leads to exposure of information through directory listing. The attack may be initiated remotely. The name of the patch is 64eb2677671018fc08b96718b81e3dbc83693190. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218375.

Source: CVE-2016-15019

CVE-2015-10052

Posted on 2023년 1월 16일2023년 1월 16일 by admin

CVE-2015-10052

** UNSUPPPORTED WHEN ASSIGNED **** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as problematic, was found in calesanz gibb-modul-151. This affects the function bearbeiten/login. The manipulation leads to open redirect. It is possible to initiate the attack remotely. The name of the patch is 88a517dc19443081210c804b655e72770727540d. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218379. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Source: CVE-2015-10052

CVE-2016-15018

Posted on 2023년 1월 16일2023년 1월 16일 by admin

CVE-2016-15018

A vulnerability was found in krail-jpa up to 0.9.1. It has been classified as critical. This affects an unknown part. The manipulation leads to sql injection. Upgrading to version 0.9.2 is able to address this issue. The name of the patch is c1e848665492e21ef6cc9be443205e36b9a1f6be. It is recommended to upgrade the affected component. The identifier VDB-218373 was assigned to this vulnerability.

Source: CVE-2016-15018