14 matches found
CVE-2019-16975
In FusionPBX up to 4.5.7, the file app\contacts\contactnotes.php uses an unsanitized "id" variable coming from the URL, which is reflected in HTML, leading to XSS...
CVE-2019-16975
creationtimestamp| type| source ---|---|--- 2024-01-27 08:11:22+00:00| seen| https://t.me/ctinow/174675...
CVE-2020-16975
An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges...
CVE-2020-16975 Windows Backup Service Elevation of Privilege Vulnerability
...
CVE-2020-16975
CVE-2020-16975 describes an elevation of privilege vulnerability in the Windows Backup Service caused by improper handling of file operations. An attacker who already has code execution on the victim system could exploit this by running a crafted application to elevate privileges. Microsoft’s sec...
CVE-2020-16974
Technical details about CVE-2020-16974 (affected product/version, root cause, impact, or patch specifics) are not provided in the connected documents. Monitor for updates.
Microsoft Windows Multiple Vulnerabilities (KB4580327)
This host is missing a critical security update according to Microsoft KB4580327 SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2017-16975
...
CVE-2019-16975
CVE-2019-16975 affects FusionPBX up to version 4.5.7. The issue is a reflected XSS in the file app/contacts/contact_notes.php, where an unsanitized URL parameter named id is echoed into HTML. The root cause is unsanitized input from the URL; the description indicates client-side code execution co...
CVE-2018-16975
An issue was discovered in Elefant CMS before 2.0.7. There is a PHP Code Execution Vulnerability in /designer/add/stylesheet.php by using a .php extension in the New Stylesheet Name field in conjunction with ?php content, because of insufficient input validation in...
CVE-2018-16975
An issue was discovered in Elefant CMS before 2.0.7. There is a PHP Code Execution Vulnerability in /designer/add/stylesheet.php by using a .php extension in the New Stylesheet Name field in conjunction with ?php content, because of insufficient input validation in...
CVE-2018-16975
Elefant CMS prior to 2.0.7 contains a PHP code execution vulnerability in /designer/add/stylesheet.php. Insufficient input validation in apps/designer/handlers/csspreview.php allows a .php extension in the New Stylesheet Name field when combined with
[SECURITY] [DSA 994-1] New freeciv packages fix denial of service
-------------------------------------------------------------------------- Debian Security Advisory DSA 994-1 [email protected] http://www.debian.org/security/ Martin Schulze March 13th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 994-1] New freeciv packages fix denial of service
-------------------------------------------------------------------------- Debian Security Advisory DSA 994-1 [email protected] http://www.debian.org/security/ Martin Schulze March 13th, 2006 http://www.debian.org/security/faq -...