Every1's a fraud 'cuz they pick & choose what they show.
CVE-2023-35844: Arbitrary File Read in Lightdash
• Lightdash version <= 0.506.4 is vulnerable to a path traversal attack, allowing an attacker to access arbitrary files on the server.
CVE-2023-35843: Arbitrary File Read in NocoDB
• The NocoDB application version <= 0.106.1 has a path traversal vulnerability that allows an unauthenticated attacker to access arbitrary files on the server by manipulating...
CVE-2023-23596: OS Command Injection in Nginx Proxy Manager
• An OS command injection vulnerability exists in versions of Nginx Proxy Manager prior to 2.9.19.
CVE-2023-22493: Server Side Request Forgery (SSRF) in RSSHub
• RSSHub is vulnerable to SSRF attacks. An attacker can send arbitrary HTTP requests from the server to other servers or resources on the network.
CVE-2022-3023: DSN Injection in TiDB Server Importer
• TiDB server (importer CLI tool) prior to version 6.4.0 & 6.1.3 is vulnerable to data source name injection. The database name for generating...