Free Trial

ZrLog 2.1.0 post/addComment userName/email cross site scripting

A vulnerability has been found in ZrLog 2.1.0 and classified as problematic. Affected by this vulnerability is some unknown functionality of the file post/addComment. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2023-33595 : CPYTHON 3.12.0 ALPHA 7 /OBJECTS/UNICODEOBJECT.C ASCII_DECODE USE AFTER FREE

CVE-2023-33595 : CPYTHON 3.12.0 ALPHA 7 /OBJECTS/UNICODEOBJECT.C ASCII_DECODE USE AFTER FREE

Description CPython v3.12.0 alpha 7 was discovered to contain a heap use-after-free via the function ascii_decode at /Objects/unicodeobject.c. References https://github.com/python/cpython/issues/103824

Learn more
CVE-2023-33553 : PLANET WDRT-1800AX 1.01-CP2 COOKIE LOGINSTATUS IMPROPER AUTHENTICATION

CVE-2023-33553 : PLANET WDRT-1800AX 1.01-CP2 COOKIE LOGINSTATUS IMPROPER AUTHENTICATION

Description An issue in Planet Technologies WDRT-1800AX v1.01-CP21 allows attackers to bypass authentication and escalate privileges to root via manipulation

Learn more
CVE-2023-20887 : VMWARE ARIA OPERATIONS FOR NETWORKS 6.X COMMAND INJECTION

CVE-2023-20887 : VMWARE ARIA OPERATIONS FOR NETWORKS 6.X COMMAND INJECTION

Description Aria Operations for Networks contains a command injection vulnerability. A malicious actor with network access to VMware Aria Operations

Learn more