OTRS Code Issue Vulnerability

Open-source Ticket Request System OTRS is an open-source defect tracking and management system software from the German OTRS Group. The software categorizes service requests submitted through various channels such as phone calls, emails, etc. into different queues and service levels, and the...

CloudBees Jenkins Robot Framework Plugin Code Issue Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . CloudBees Jenkins Robot...

ambassadors.sunyjcc.edu Improper Access Control vulnerability

Open Bug Bounty ID: OBB-1067984 Security Researcher devl00p Helped patch 3018 vulnerabilities Received 10 Coordinated Disclosure badges Received 15 recommendations , a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting ambassadors.sunyjcc.edu...

Backup and Staging by WP Time Capsule < 1.21.16 - Authentication Bypass

It is possible to login as an administrator on the site due to logical mistakes in the code. PoC The issue resides in wptc-cron-functions.php line 12 where it parses the request. This parserequest function calls the function decodeserverrequestwptc which check if the raw POST payload contains a...

Easy XML Editor Code Problem Vulnerability

Easy XML Editor is an XML editor. A code issue vulnerability exists in Easy XML Editor v1.7.8 and prior versions. The vulnerability stems from an improperly designed or implemented code development process for a web-based system or product. No detailed vulnerability details are provided at this...

darexvapenhandel.n.nu Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1036205 Security Researcher Hchabik Helped patch 2444 vulnerabilities Received 5 Coordinated Disclosure badges Received 2 recommendations , a holder of 5 badges for responsible and coordinated disclosure, found a security vulnerability affecting darexvapenhandel.n.nu websi...

Free Photo Viewer Code Issue Vulnerability

Free Photo Viewer is a lightweight photo viewer. A code issue vulnerability exists in Free Photo Viewer. The vulnerability can be exploited to execute arbitrary code via specially crafted BMP and/or TIFF files...

SITOS six Build code issue vulnerability (CNVD-2019-42386)

SITOS is a modular e-learning system. The system includes features such as audio playback, video playback, forums, blogs and social media. A code issue vulnerability exists in SITOS six Build v6.2.1. The vulnerability stems from an improperly designed or implemented code development process for a...

Adobe Animate Code Issue Vulnerability

Adobe Animate is a set of Flash animation software from the American company Audobee Adobe. Adobe Animate has a code issue vulnerability. An attacker can exploit this vulnerability to elevate privileges...

TightVNC Code Issue Vulnerability

TightVNC is a cross-platform open source remote desktop software. TightVNC suffers from a code issue vulnerability. An attacker could exploit this vulnerability to cause a denial of service...

TeamViewer Code Issues Vulnerabilities

TeamViewer is a suite of software for remote control, desktop sharing and file transfer from the German company TeamViewer. A code issue vulnerability exists in Windows Service in TeamViewer Windows, which can be exploited by an attacker to execute code on a target system by creating a file into...

CVE-2019-13410

TOPMeeting vulnerability CVE-2019-13410 affects TOPMeeting versions before 8.8. The issue is information disclosure: attendees’ accounts and passwords are exposed on a front-end page; an attacker can obtain this by inspecting the page source. Root cause: sensitive credentials displayed in the cli...

WordPress dzs-zoomsounds plugin code issue vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. dzs-zoomsounds is an audio player plugin that is used in it. A code issue vulnerability exists in the WordPress dzs-zoomsounds plugin...

clip2net.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-989141 Security Researcher devl00p Helped patch 2581 vulnerabilities Received 10 Coordinated Disclosure badges Received 15 recommendations , a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting clip2net.com website and...

Syhunt Community 6.7 - Web And Mobile Application Scanner

Syhunt Community is a web and now mobile application security scanner. Syhunt is able to scan any kind of application source code for potential security vulnerabilities, pinpointing the exact lines of the code that need to be patched. Or you can simply enter a start URL and get detailed...

Moodle Code Issue Vulnerability

Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. A code issue vulnerability exists in Moodle that can be exploited by an attacker to obtain a user's mobile access token...

Total Defense Anti-virus Code Issue Vulnerability

Total Defense Anti-virus is a suite of antivirus software from the American company Total Defense. Total Defense Anti-virus has a code issue vulnerability. An attacker can exploit this vulnerability to hijack the ccGUIFrm.dll file and execute code...

cercovacanza.it Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-976357 Security Researcher geeknik Helped patch 8815 vulnerabilities Received 8 Coordinated Disclosure badges Received 20 recommendations , a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting cercovacanza.it website and...

CVE-2019-10071

The code which checks HMAC in form submissions used String.equals for comparisons, which results in a timing side channel for the comparison of the HMAC signatures. This could lead to remote code execution if an attacker is able to determine the correct signature for their payload. The comparison...

Siemens Mendix Code Issue Vulnerability

Siemens Mendix is a low-code application development platform from Siemens. The platform provides application development, testing, deployment and iteration. A code issue vulnerability exists in Siemens Mendix versions 7.23.5 and earlier. The vulnerability arises from an improperly designed or...