Aggregator

Submit #469221 / VDB-290233

Submit #469220 / VDB-290232

A vulnerability was found in ZeroWdd studentmanager 1.0. It has been rated as problematic. This issue affects the function submitAddPermission of the file src/main/java/com/zero/system/controller/PermissionController. java. The manipulation of the argument url leads to cross site scripting. The identification of this vulnerability is CVE-2024-13143. The attack may be initiated remotely. Furthermore, there is an exploit available. Other parameters might be affected as well.

A vulnerability was found in ZeroWdd studentmanager 1.0. It has been declared as problematic. This vulnerability affects the function submitAddRole of the file src/main/java/com/zero/system/controller/RoleController. java. The manipulation of the argument name leads to cross site scripting. This vulnerability was named CVE-2024-13142. The attack can be initiated remotely. There is no exploit available.

Submit #469217 / VDB-290231

Submit #469213 / VDB-290230

di Marco SchiaffinoPotrebbe essere una delle operazioni di cyber-spionaggio più clamorose di sempre.

A vulnerability was found in Kaspersky Anti-Virus up to 8.0.4. It has been rated as problematic. This issue affects some unknown processing. The manipulation of the argument scriptName as part of Parameter leads to cross site scripting. The identification of this vulnerability is CVE-2017-9813. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

分析仿冒浏览器更新脚本安装CS木马

A vulnerability, which was classified as problematic, was found in Bolt up to 2.2.4. This affects an unknown part of the component Theme Editor. The manipulation leads to injection. This vulnerability is uniquely identified as CVE-2015-7309. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.