16 matches found
EUVD-2019-5934
Malware in sbrugna...
EUVD-2019-5935
Malware in sbrugna...
CVE-2019-14804
studio/polyglot.php?page=etemplates in UNA 10.0.0-RC1 allows XSS via the System Name field under Emails during template editing...
CVE-2019-14805
studio/buildermenu.php?page=sets in UNA 10.0.0-RC1 allows XSS via the System Name field under Sets during set editing...
UNA 10.0.0 RC1 - (polyglot.php) Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: UNA - 10.0.0-RC1 stored XSS vuln. Exploit Author: Greg.Priest Vendor Homepage: https://una.io/ Software Link: https://github.com/unaio/una/tree/master/studio Version: UNA - 10.0.0-RC1 Tested on: Windows/Linux CVE : CVE-2019-1480...
UNA Cross-Site Scripting Vulnerability
UNA is a full-stack software platform for building custom community websites, social networks and collaboration centers. A cross-site scripting vulnerability exists in studio/buildermenu.php?page=sets in UNA version 10.0.0-RC1, which stems from a lack of proper validation of client-side data in t...
UNA 10.0.0 RC1 - 'polyglot.php' Persistent Cross-Site Scripting
Exploit Title: UNA - 10.0.0-RC1 stored XSS vuln. Date: 2019 08 10 Exploit Author: Greg.Priest Vendor Homepage: https://una.io/ Software Link: https://github.com/unaio/una/tree/master/studio Version: UNA - 10.0.0-RC1 Tested on: Windows/Linux CVE : CVE-2019-14804 UNA-v.10.0.0-RC1 Stored XSS...
UNA 10.0.0 RC1 - polyglot.php Persistent Cross-Site Scripting
UNA 10.0.0 RC1 - polyglot.php Persistent Cross-Site Scripting Exploit Title: UNA - 10.0.0-RC1 stored XSS vuln. Date: 2019 08 10 Exploit Author: Greg.Priest Vendor Homepage: https://una.io/ Software Link: https://github.com/unaio/una/tree/master/studio Version: UNA - 10.0.0-RC1 Tested on:...
CVE-2019-14805
studio/buildermenu.php?page=sets in UNA 10.0.0-RC1 allows XSS via the System Name field under Sets during set editing...
CVE-2019-14804
studio/polyglot.php?page=etemplates in UNA 10.0.0-RC1 allows XSS via the System Name field under Emails during template editing...
Cross site scripting
studio/polyglot.php?page=etemplates in UNA 10.0.0-RC1 allows XSS via the System Name field under Emails during template editing...
Cross site scripting
studio/buildermenu.php?page=sets in UNA 10.0.0-RC1 allows XSS via the System Name field under Sets during set editing...
CVE-2019-14805
studio/buildermenu.php?page=sets in UNA 10.0.0-RC1 allows XSS via the System Name field under Sets during set editing...
CVE-2019-14805
CVE-2019-14805 affects UNA 10.0.0-RC1, where a stored/xss vulnerability exists in studio/builder_menu.php?page=sets during set editing via the System Name field. The issue is triggered by insufficient input validation in the Sets editing workflow, enabling an attacker to inject and execute client...
CVE-2019-14804
The CVE-2019-14804 issue affects UNA 10.0.0-RC1, where a stored Cross-Site Scripting (XSS) vulnerability exists in studio/polyglot.php?page=etemplates via the Emails templates when editing the System Name field. The root cause, as described by CNVD, is a lack of proper validation of client-side d...
Asterisk SIP Channel Driver Uninitialized Variable Request Parsing DoS (AST-2011-012)
According to the version in its SIP banner, the version of Asterisk running on the remote host can be crashed remotely by an authenticated user when parsing an invalid SIP URI. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if descripti...