The authorization check in the runSwitchUser action in Pachno version 1.0.6 evaluates the expression !canSaveConfiguration && !hasCookie'originalus...
Pachno version 1.0.6 uses the unserialize function on the contents of cache files stored under PACHNOPATH/cache/ during the framework bootstrap seq...
Pachno version 1.0.6 suffers from persistent cross-site scripting vulnerabilities...
Pachno version 1.0.6 suffers from an open redirection vulnerability. Input passed via the returnto GET/POST parameter to the login endpoint is not ...
Pachno version 1.0.6 suffers from an XML External Entity (XXE) vulnerability in the wiki textparser...
Pachno version 1.0.6 suffers from a remote shell upload vulnerability. The multipart file parameter to the /uploadfile endpoint allows authenticate...
InvoicePlane versions 1.6.3 and below suffer from a path traversal vulnerability in the getfile method of the Guest module...
Redaxo versions 5.20.1 and below suffer from a path traversal vulnerability...
OpenSTAManager versions 2.9.8 and below suffer from a remote time-based SQL injection vulnerability in the Article Pricing module...
OpenSTAManager versions 2.9.8 and below suffer from a remote SQL injection vulnerability in ajaxcomplete.php...