Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Manage Security Vulnerabilities

cve
cve

CVE-2017-11726

services/system_io/actionprocessor/System.rails in ConnectWise Manage 2017.5 is vulnerable to Cross-Site Request Forgery (CSRF), as demonstrated by changing an e-mail address setting.

8.8CVSS

8.6AI Score

0.001EPSS

2017-07-31 11:29 PM
24
cve
cve

CVE-2017-11727

services/system_io/actionprocessor/Contact.rails in ConnectWise Manage 2017.5 allows arbitrary client-side JavaScript code execution (involving a ContactCommon field) on victims who click on a crafted link, aka XSS.

6.1CVSS

6.5AI Score

0.001EPSS

2017-07-31 11:29 PM
25
cve
cve

CVE-2021-43689

manage (last update Oct 24, 2017) is affected by a Cross Site Scripting (XSS) vulnerability in Application/Home/Controller/GoodsController.class.php. The exit function will terminate the script and print a message which have values from $_POST.

6.1CVSS

6AI Score

0.001EPSS

2021-12-01 03:15 PM
17