usrsctp suffers from insecure HMAC generation that can lead to out-of-bounds access.
>> CATEGORY: exploit
WordPress DirectoriesPro plugin version 1.3.45 suffers from multiple cross site scripting vulnerabilities.
The OpenAsset Digital Asset Management web application allowed for spoofing of IP addresses by using the X-Forwarded-For header. By default, the web application would allow all traffic in for 127.0.0.1, in…
Online Bus Booking System Project using PHP MySQL version 1.0 suffers from a persistent cross site scripting vulnerability.
The OpenAsset Digital Asset Management web application suffers from multiple reflected and persistent cross site scripting vulnerabilities. Vulnerable versions include 12.0.19 (Cloud) and 11.2.1 (On-premise).
OpenAsset Digital Asset Management was found to provide several endpoints which allowed for unauthenticated data retrieval in a CSV format. Vulnerable versions include 12.0.19 (Cloud) and 11.2.1 (On-premise).
Advanced Component System (ACS) version 1.0 suffers from a path traversal vulnerability.
OpenAsset Digital Asset Management suffers from a cross site request forgery vulnerability.
OpenAsset Digital Asset Management suffers from an authenticated blind remote SQL injection vulnerability.
Supply Chain Management System suffers from a remote SQL injection vulnerability that allows for authentication bypass.