Redash up to 10.0 server-side request forgery [CVE-2021-43780]

A vulnerability was found in Redash up to 10.0. It has been declared as critical. This vulnerability affects an unknown code block. Upgrading to version 10.0.1 eliminates this vulnerability. Applying the patch 61bbb5aa7a23a93f2f93710005f71bc972826099 also eliminates the problem. The bugfix is available for download at github.com. The recommended mitigation is to upgrade to the latest version.

Common Vulnerabilities and Exposures

star7th showdoc up to 2.10.1 cross site scripting [CVE-2021-4172]

A vulnerability was found in star7th showdoc up to 2.10.1. It has been rated as problematic. Affected by this issue is some unknown processing. Upgrading to version 2.10.2 eliminates this vulnerability. Applying the patch 409c8a1208bbb847046a9496303192980f2e6219 also eliminates the problem. The bugfix is available for download at github.com. The […]

SourceCodester Simple College Website 1.0 File Upload /admin/login.php username sql injection

A vulnerability classified as critical was found in SourceCodester Simple College Website 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/login.php of the component File Upload Handler. No information about possible countermeasures is known. It may be suggested to replace the affected object with an […]

IBM Cognos Controller 10.4.0/10.4.1/10.4.2 access control [CVE-2020-4879]

A vulnerability, which was classified as critical, has been found in IBM Cognos Controller 10.4.0/10.4.1/10.4.2 (Business Process Management Software). Affected by this issue is some unknown functionality. Upgrading eliminates this vulnerability.