27 matches found
CVE-2024-39094
Friendica 2024.03 is vulnerable to Cross-Site Scripting (XSS) in settings/profile via the homepage, xmpp, and matrix parameters...
CVE-2024-31134
In JetBrains TeamCity before 2024.03 authenticated users without administrative permissions could register other users when self-registration was disabled...
CVE-2024-31135
In JetBrains TeamCity before 2024.03 open redirect was possible on the login page...
CVE-2024-35300
In JetBrains TeamCity between 2024.03 and 2024.03.1 several stored XSS in the available updates page were possible...
CVE-2024-49208
Archer Platform 2024.03 before version 2024.08 is affected by an authorization bypass vulnerability related to supporting application files. A remote unprivileged attacker could potentially exploit this vulnerability to elevate their privileges and delete system icons...
CVE-2024-49209
CVE-2024-49209 affects Archer Platform 2024.03 through 2024.08. The vulnerability is an API authorization bypass related to supporting application files, allowing a remote unprivileged attacker to elevate privileges and upload additional system icons. Remediation: upgrade to Archer Platform 2024....
PT-2024-33346 · Unknown · Archer Platform
Name of the Vulnerable Software and Affected Versions: Archer Platform versions 2024.03 through 2024.07 Description: The issue is related to an authorization bypass vulnerability concerning supporting application files. A remote unprivileged attacker could potentially exploit this to elevate thei...
CVE-2024-39094
Friendica 2024.03 is affected by a Cross‑Site Scripting (XSS) vulnerability in the settings/profile area accessible via the homepage, xmpp, and matrix parameters. The issue targets the settings/profile component and is exploited through crafted input in those parameters, with details indicating u...
PT-2024-25701
Name of the Vulnerable Software and Affected Versions: Archer Platform versions prior to 2024.03 Description: An issue was discovered in the Archer Platform, where an X-Forwarded-For Header Bypass vulnerability exists. This allows an unauthenticated attacker to potentially bypass intended...
Archer Platform Security Vulnerability
Archer Platform is a modern integrated risk management solution from Archer, Inc. A security vulnerability exists prior to Archer Platform version 6 2024.03 that stems from the inclusion of a sensitive information disclosure vulnerability...
CVE-2024-34093
An issue was discovered in Archer Platform 6 before 2024.03. There is an X-Forwarded-For Header Bypass vulnerability. An unauthenticated attacker could potentially bypass intended whitelisting when X-Forwarded-For header is enabled...
CVE-2024-31137
In JetBrains TeamCity before 2024.03 reflected XSS was possible via Space connection configuration...