A vulnerability classified as very critical was found in Multisuns EasyLog Web+ 1.13.2.8. Affected by this vulnerability is an unknown functionality. The manipulation leads to code injection.
This vulnerability is known as CVE-2023-48390. The attack c…
A vulnerability, which was classified as critical, has been found in Kaifa WebITR 2_1_0_23. Affected by this issue is some unknown functionality. The manipulation leads to hard-coded credentials.
This vulnerability is handled as CVE-2023-48392. The at…
A vulnerability classified as problematic has been found in Apache Dubbo 3.1.5. Affected is an unknown function. The manipulation leads to deserialization.
This vulnerability is traded as CVE-2023-46279. Access to the local network is required for thi…
A vulnerability was found in Apache Dubbo up to 3.1.10/3.2.4. It has been rated as problematic. This issue affects some unknown processing of the component Package Handler. The manipulation leads to deserialization.
The identification of this vulnerab…
Web Application Security consists of a myriad of security controls that ensure that a web application:
Functions as expected.
Cannot be exploited to operate out of bounds.
Cannot initiate operations that it is not supposed to do.
Web Applications hav…
Multiple security vulnerabilities have been discovered in the open-source Netgate pfSense firewall solution called pfSense that could be chained by an attacker to execute arbitrary commands on susceptible appliances.
The issues relate to two reflected …
I believe this question is covered as the problem is straightforward. But, as I am building a web service from scratch, I’d like to have some advice on how to do it better.
Let’s say my web service gives some bonus tokens to any new user w…
A vulnerability was found in Softnext Mail SQR Expert up to 230330. It has been declared as critical. This vulnerability affects unknown code of the component URL Handler. The manipulation leads to path traversal.
This vulnerability was named CVE-2023…
A vulnerability was found in SmartStar CWS Web-Base 10.25. It has been classified as critical. This affects an unknown part. The manipulation leads to hard-coded credentials.
This vulnerability is uniquely identified as CVE-2023-48374. It is possible …
A vulnerability was found in SmartStar CWS Web-Base 10.25 and classified as very critical. Affected by this issue is some unknown functionality. The manipulation leads to unrestricted upload.
This vulnerability is handled as CVE-2023-48376. The attack…
