CVE-2023-34300 Ashlar-Vellum Cobalt XE File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt XE File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the...

CVE-2018-17948

The vulnerability CVE-2018-17948 is described as an open redirect in the Access Manager Identity Provider prior to 4.4 SP3. The primary documented impact areas are limited to the redirect mechanism; CVSS metrics indicate a MEDIUM severity (CVSS v3.0: 6.1) with NETWORK access, no privileges requir...

CVE-2017-17948

Cells Blog 3.5 has XSS via the jfdname parameter in an act=showpic request...

CVE-2017-17948

Cells Blog 3.5 is affected by a Cross‑Site Scripting (XSS) vulnerability that can be triggered via the jfdname parameter in an act=showpic request. Multiple sources (NVD/NVD mirror, CNVD, Red Hat advisory, CNVD) corroborate the issue, describing XSS in Cells Blog 3.5 and the jfdname parameter pat...

Unfixed Redirect vulnerability at www.alawar.com

Security researcher holisticinfosec, has submitted on 29/04/2008 a Redirect vulnerability affecting www.alawar.com, which at the time of submission ranked 17948 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 30/04/2008. It is currently unfixed...