EUVD-2017-8076

Malware in sbrugna...

EUVD-2017-8077

Malware in sbrugna...

PT-2025-7366 · WordPress · Small Package Quotes – Worldwide Express Edition

Name of the Vulnerable Software and Affected Versions: Small Package Quotes – Worldwide Express Edition plugin for WordPress versions prior to 5.2.19 Description: The issue concerns SQL injection via the edit id and dropship edit id parameters due to insufficient escaping on the user-supplied...

PT-2023-28779 · Zpe Systems · Nodegrid Os

Name of the Vulnerable Software and Affected Versions: ZPE Systems, Inc Nodegrid OS versions 5.0.0 through 5.0.17 ZPE Systems, Inc Nodegrid OS versions 5.2.0 through 5.2.19 ZPE Systems, Inc Nodegrid OS versions 5.4.0 through 5.4.16 ZPE Systems, Inc Nodegrid OS versions 5.6.0 through 5.6.13 ZPE...

Security Bulletin: IBM Sterling B2B Integrator is affected by a remote code execution in Spring Framework (CVE-2022-22965)

Summary IBM Sterling B2B Integrator is affected but not classified as vulnerable to a remote code execution in Spring Framework CVE-2022-22965 as it does not meet all of the following criteria: 1. JDK 9 or higher, 2. Apache Tomcat as the Servlet container, 3. Packaged as WAR in contrast to a Spri...

Security Bulletin: IBM Maximo For Civil infrastructure is vulnerable to a remote code execution in Spring Framework (CVE-2022-22965)

Summary IBM Maximo For Civil infrastructure is affected but not classified as vulnerable to a remote code execution in Spring Framework CVE-2022-22965 as it does not meet all of the following criteria: 1. JDK 9 or higher, 2. Apache Tomcat as the Servlet container, 3. Packaged as WAR in contrast t...

Exploit for Code Injection in Vmware Spring_Framework

Spring4shell RCE vulnerability This vulnerability affects Spr...

Spring Framework Zero-Day Remote Code Execution (Spring4Shell) Vulnerability

This page last updated: April 7th A new zero-day Remote Code Execution RCE vulnerability, “Spring4Shell” or “SpringShell” was disclosed in the Spring framework. An unauthorized attacker can exploit this vulnerability to remotely execute arbitrary code on the target device. What is Spring Framewor...

Spring Framework 代码注入漏洞

Spring Framework is the U.S. Spring team of a set of open source Java, JavaEE application framework. The framework helps developers build high-quality applications. A code injection vulnerability exists in Spring Framework that stems from the RCE for data binding on JDK 9+.The following products...

Horde Groupware Cross-Site Scripting Vulnerability (CNVD-2017-37741)

Horde Groupware is an enterprise browser based on the Communication Suite from Horde USA. The browser supports sending and receiving e-mail, managing and sharing calendars, contacts and tasks, and more. A cross-site scripting vulnerability exists in Horde Groupware version 5.2.19. A remote attack...

DEBIAN-CVE-2017-16907

In Horde Groupware 5.2.19 and 5.2.21, there is XSS via the Color field in a Create Task List action...

CVE-2012-4234

Cross-site scripting XSS vulnerability in the group moderation screen in the control center control.php in Phorum before 5.2.19 allows remote attackers to inject arbitrary web script or HTML via the group parameter...