| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Inout Blockchain AltExchanger v1.2.1 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /admin/js. |
| The scu-captcha package in PyPI v0.0.1 to v0.0.4 included a code execution backdoor inserted by a third party. |
| The eziod package in PyPI before v0.0.1 included a code execution backdoor inserted by a third party. |
| The PyCrowdTangle package in PyPI before v0.0.1 included a code execution backdoor inserted by a third party. |
| So Filter Shop v3.x was discovered to contain multiple blind SQL injection vulnerabilities via the att_value_id , manu_value_id , opt_value_id , and subcate_value_id parameters at /index.php?route=extension/module/so_filter_shop_by/filter_data. |
| An arbitrary file upload vulnerability in the Advertising Management module of Feehi CMS v2.1.1 allows attackers to execute arbitrary code via a crafted PHP file. |
| Crow before 1.0+4 has a heap-based buffer overflow via the function qs_parse in query_string.h. On successful exploitation this vulnerability allows attackers to remotely execute arbitrary code in the context of the vulnerable service. |
| PingCAP TiDB v6.1.0 was discovered to contain a NULL pointer dereference. |
| An issue in the fetch_step function in Percona Server for MySQL v8.0.28-19 allows attackers to cause a Denial of Service (DoS) via a SQL query. |
| The assertion `stmt->Dbc->FirstStmt' failed in MonetDB Database Server v11.43.13. |
| OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain an HTML injection vulnerability via the location parameter at http://ip_address/:port/ossn/home. |
| OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain an arbitrary file upload vulnerability via the component /ossn/administrator/com_installer. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file. Note: The project owner believes this is intended behavior of the application as it only allows authenticated admins to upload files. |
| OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the SitePages module. |
| OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the News Feed module. |
| OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Group Timeline module. |
| OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Users Timeline module. |
| The container package in MikroTik RouterOS 7.4beta4 allows an attacker to create mount points pointing to symbolic links, which resolve to locations on the host device. This allows the attacker to mount any arbitrary file to any location on the host. |
| Pligg CMS v2.0.2 was discovered to contain a time-based SQL injection vulnerability via the page_size parameter at load_data_for_groups.php. |
| Pligg CMS v2.0.2 was discovered to contain a time-based SQL injection vulnerability via the page_size parameter at load_data_for_topusers.php. |
| Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at invoiceprint.php. |
