460 matches found
CVE-2022-34354
IBM Sterling Partner Engagement Manager 2.0 allows encrypted storage of client data to be stored locally which can be read by another user on the system. IBM X-Force ID: 230424...
CVE-2022-34354 IBM Sterling Partner Engagement Manager information disclosure
IBM Sterling Partner Engagement Manager 2.0 allows encrypted storage of client data to be stored locally which can be read by another user on the system. IBM X-Force ID: 230424...
CVE-2022-34354
Affected product: IBM Sterling Partner Engagement Manager 2.0. The vulnerability is an information disclosure where encrypted client data stored locally can be read by another user on the same system. Root cause: inadequate protection of locally stored data leading to exposure. Impact: confidenti...
WordPress plugin Apasionados Export Post Info 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
Slack Morphism Information Disclosure Vulnerability
Slack Morphism is a modern asynchronous client library for Rust with support for Slack Web/Events API/Socket Mode and Block Kit. An information disclosure vulnerability exists in Slack Morphism versions prior to 0.41.0, which stems from the potential disclosure of Slack OAuth client information i...
AMD SEV-legacy 安全漏洞
AMD Secure Encrypted Virtualization is a software application from AMD USA. Hardware-accelerated memory encryption to protect data in use. A security vulnerability exists in the AMD SEV-legacy firmware. An attacker could exploit the vulnerability to cause a loss of integrity or confidentiality of...
Orchard Core 跨站脚本漏洞
Net Core, an open source modular and multi-tenant application framework built using Asp.Net Core, and a content management system Cms built on top of the framework.A cross-site scripting vulnerability exists in Orchard Core, which stems from the lack of proper validation of client-side data in th...
WordPress plugin 跨站脚本漏洞
WordPress is a set of blogging platforms developed using the PHP language by the Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in WordPress E2Pdf Plugin versions prior to 1.16.45 that stems fro...
Librenms 跨站脚本漏洞
Librenms is a PHP and MySQL based open source network monitoring system from the Librenms community. The system features custom alerts, auto-discovery of network environments and automatic updates.Librenms suffers from a cross-site scripting vulnerability that stems from the lack of proper...
Checkmk 跨站脚本漏洞
Checkmk is an editor. A cross-site scripting vulnerability exists in Checkmk versions 2.0.0p19 and earlier and 1.6.0p27 and earlier, which stems from the lack of proper validation of client-side data by the web application. An attacker could exploit this vulnerability to execute client-side code...
MiniCMS 跨站脚本漏洞
MiniCMS is a content management system CMS designed for personal websites. miniCMS has a security vulnerability that stems from the lack of proper validation of client-side data in the WEB application, which can be exploited by attackers to execute client-side code...
Gibbon 跨站脚本漏洞
Gibbon is a school platform that solves real-world problems that educators encounter every day. A security vulnerability exists in Gibbon CMS that stems from the WEB application lacking proper validation of client data. An attacker can exploit the vulnerability to execute client-side code...
Emlog 跨站脚本漏洞
Emlog is a PHP and MySQL-based CMS website builder from Emlog personal developers. Emlog suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of client-side data by the WEB application. An attacker could use this vulnerability to execute JavaScript code ...
livehelperchat 跨站脚本漏洞
livehelperchat is a chat via a live helper that provides free live support on a website. A security vulnerability exists in livehelperchat that stems from the WEB application's lack of proper validation of client data. An attacker can exploit the vulnerability to execute client-side code...
Calibre-Web 跨站脚本漏洞
Calibre-Web is a web application for browsing, reading and downloading eBooks from the Calibre database. A security vulnerability exists in Calibre-Web before 0.6.16, which stems from the WEB application's lack of proper validation of client-side data. An attacker could exploit the vulnerability ...
ForestBlog 跨站脚本漏洞
ForestBlog is an application. A personal blog. ForestBlog suffers from a cross-site scripting vulnerability that stems from the WEB application's lack of proper validation of client-side data. An attacker can exploit the vulnerability to execute JavaScript code on the client side...
AppCMS 跨站脚本漏洞
AppCMS is a content management system CMS for mobile application downloads. a cross-site scripting vulnerability exists in AppCMS, which stems from the lack of proper validation of client-side data in the WEB application. An attacker could exploit this vulnerability to execute client-side code...
Naviwebs Navigate CMS 跨站脚本漏洞
Naviwebs Navigate CMS is an open source content management system CMS from Naviwebs, Inc. in the United States. Naviwebs Navigate CMS suffers from a cross-site scripting vulnerability that originates from a lack of proper validation of client-side data by the WEB application. An attacker can...
Pimcore 跨站脚本漏洞
Pimcore is an open source Web content management platform for creating and managing Web applications from the Austrian company Pimcore. The platform integrates Web content management, e-commerce framework and product information management applications. pimcore 10.2.7 before the existence of...
Pimcore 跨站脚本漏洞
Pimcore is an open source Web content management platform for creating and managing Web applications from the Austrian company Pimcore. The platform integrates Web content management, e-commerce frameworks and product information management applications.Pimcore has cross-site scripting...