Search Results | AttackerKB

Show filters

Topics 28 Users 9,712

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

28 Total Results

Displaying 1-10 of 28

Attacker Value

Unknown

CVE-2023-2665

Disclosure Date: May 12, 2023 (last updated October 08, 2023)

Storage of Sensitive Data in a Mechanism without Access Control in GitHub repository francoisjacquet/rosariosis prior to 11.0.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2023-29918

Disclosure Date: May 02, 2023 (last updated October 08, 2023)

RosarioSIS 10.8.4 is vulnerable to CSV injection via the Periods Module.

Attack Vector: Network Privileges: Low User Interaction: Required

0

Attacker Value

Unknown

CVE-2023-2202

Disclosure Date: April 21, 2023 (last updated October 08, 2023)

Improper Access Control in GitHub repository francoisjacquet/rosariosis prior to 10.9.3.

Attack Vector: Network Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2023-0994

Disclosure Date: February 24, 2023 (last updated October 08, 2023)

Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository francoisjacquet/rosariosis prior to 10.8.2.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2014-125067

Disclosure Date: January 08, 2023 (last updated October 20, 2023)

A vulnerability classified as critical was found in corincerami curiosity. Affected by this vulnerability is an unknown functionality of the file app/controllers/image_controller.rb. The manipulation of the argument sol leads to sql injection. The patch is named d64fddd74ca72714e73f4efe24259ca05c8190eb. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217639.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2022-2714

Disclosure Date: September 06, 2022 (last updated October 08, 2023)

Improper Handling of Length Parameter Inconsistency in GitHub repository francoisjacquet/rosariosis prior to 10.0.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2022-3072

Disclosure Date: September 01, 2022 (last updated October 08, 2023)

Cross-site Scripting (XSS) - Stored in GitHub repository francoisjacquet/rosariosis prior to 8.9.3.

Attack Vector: Network Privileges: Low User Interaction: Required

0

Attacker Value

Unknown

CVE-2022-2067

Disclosure Date: June 13, 2022 (last updated October 07, 2023)

SQL Injection in GitHub repository francoisjacquet/rosariosis prior to 9.0.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2022-2036

Disclosure Date: June 09, 2022 (last updated October 07, 2023)

Cross-site Scripting (XSS) - Stored in GitHub repository francoisjacquet/rosariosis prior to 9.0.1.

Attack Vector: Network Privileges: Low User Interaction: Required

0

Attacker Value

Unknown

CVE-2022-1997

Disclosure Date: June 08, 2022 (last updated October 07, 2023)

Cross-site Scripting (XSS) - Stored in GitHub repository francoisjacquet/rosariosis prior to 9.0.

Attack Vector: Network Privileges: Low User Interaction: Required

0