| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Authorization Bypass Through User-Controlled Key vulnerability in Finex Media Competition Management System allows Authentication Abuse, Authentication Bypass.
This issue affects Competition Management System: before 23.07. |
| Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Finex Media Competition Management System allows Retrieve Embedded Sensitive Data, Collect Data as Provided by Users.
This issue affects Competition Management System: before 23.07. |
| Unrestricted Upload of File with Dangerous Type vulnerability in "Rental Module" developed by third-party for Ideasoft's E-commerce Platform allows Command Injection, Using Malicious Files, Upload a Web Shell to a Web Server.
This issue affects Rental Module: before 23.05.15. |
| Authorization Bypass Through User-Controlled Key vulnerability in "Rental Module" developed by third-party for Ideasoft's E-commerce Platform allows Authentication Abuse, Authentication Bypass.
This issue affects Rental Module: before 23.05.15. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cityboss E-municipality allows SQL Injection.
This issue affects E-municipality: before 6.05. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AGT Tech Ceppatron allows Command Line Execution through SQL Injection, SQL Injection.
This issue affects all versions of the sofware also EOS when CVE-ID assigned. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Softmed SelfPatron allows SQL Injection.
This issue affects SelfPatron : before 2.0. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Softmed SelfPatron allows Reflected XSS.
This issue affects SelfPatron : before 2.0. |
| Generation of Incorrect Security Tokens vulnerability in CBOT Chatbot allows Token Impersonation, Privilege Abuse.
This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7. |
| Authorization Bypass Through User-Controlled Key vulnerability in CBOT Chatbot allows Authentication Abuse, Authentication Bypass.
This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7. |
| Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG), Use of Insufficiently Random Values vulnerability in CBOT Chatbot allows Signature Spoofing by Key Recreation.
This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7. |
| Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in CBOT Chatbot allows Adversary in the Middle (AiTM).
This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7. |
| Missing Origin Validation in WebSockets vulnerability in CBOT Chatbot allows Content Spoofing Via Application API Manipulation.
This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7. |
| Multiple unquoted Windows search path vulnerabilities in the (1) File Collector and (2) File PlaceHolder services in Symantec Enterprise Vault (EV) for File System Archiving before 9.0.4 and 10.x before 10.0.1 allow local users to gain privileges via a Trojan horse program. |
| Authentication Bypass by Spoofing vulnerability in CBOT Chatbot allows Authentication Bypass.
This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Veon Computer Service Tracking Software allows SQL Injection.
This issue affects Service Tracking Software: before crm 2.0. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Marksoft allows SQL Injection.
This issue affects Marksoft: through Mobile:v.7.1.7 ; Login:1.4 ; API:20230605. |
| The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Lisa Software Florist Site allows SQL Injection.
This issue affects Florist Site: before 3.0. |
| Authorization Bypass Through User-Controlled Key vulnerability in Origin Software ATS Pro allows Authentication Abuse, Authentication Bypass.
This issue affects ATS Pro: before 20230714. |
