EUVD-2025-34913

Enterprise Contract Management Portal v.22.4.0 is vulnerable to Stored Cross-Site Scripting XSS in its chat box component. This allows a remote attacker to execute arbitrary code...

CVE-2025-56320

Enterprise Contract Management Portal v.22.4.0 is vulnerable to Stored Cross-Site Scripting XSS in its chat box component. This allows a remote attacker to execute arbitrary code. NOTE: the Supplier reports that this is "Present only in an obsolete, unsupported version no longer in circulation."...

CVE-2025-56320

Enterprise Contract Management Portal v.22.4.0 is vulnerable to Stored Cross-Site Scripting XSS in its chat box component. This allows a remote attacker to execute arbitrary code. NOTE: the Supplier reports that this is "Present only in an obsolete, unsupported version no longer in circulation."...

Cobblestone Enterprise Contract Management Software 安全漏洞

Cobblestone Enterprise Contract Management Software is an enterprise contract management software from Cobblestone Corporation, USA. A security vulnerability exists in Cobblestone Enterprise Contract Management Software version 22.4.0, which originates from the presence of stored cross-site...

CVE-2025-56320

Enterprise Contract Management Portal v.22.4.0 is vulnerable to Stored Cross-Site Scripting XSS in its chat box component. This allows a remote attacker to execute arbitrary code. NOTE: the Supplier reports that this is "Present only in an obsolete, unsupported version no longer in circulation."...

EUVD-2019-13915

Malware in sbrugna...

EUVD-2019-14090

Malware in sbrugna...

EUVD-2019-14092

Malware in sbrugna...

EUVD-2018-12540

Malware in sbrugna...

EUVD-2015-5059

Malware in sbrugna...

Agiloft 安全漏洞

Agiloft is a contract management platform from Agiloft Corporation in the United States. A security vulnerability exists in Agiloft that stems from XML external entity injection and could lead to path traversal...

CVE-2022-35198

Contract Management System v2.0 contains a weak default password which gives attackers to access database connection information...

CVE-2022-35198

Contract Management System v2.0 contains a weak default password which gives attackers to access database connection information...

CVE-2022-35198

Contract Management System v2.0 contains a weak default password which gives attackers to access database connection information...

CVE-2022-35198

Contract Management System v2.0 contains a weak default password which gives attackers to access database connection information...

CVE-2022-35198

The CVE-2022-35198 entry concerns Contract Management System v2.0 with a weak default password that can expose database connection information. This vulnerability is supported by multiple connected records noting the same issue, including a High severity CVSS 3.1 score (7.5), attack vector networ...

Contract Management System 授权问题漏洞

Contract Management System is a contract management system. It enables companies to create new contracts and track the status of existing contracts to ensure that employees, vendors, and customers meet defined requirements. A security vulnerability exists in Contract Management System version v2....

PT-2022-22628 · Unknown · Contract Management System

Name of the Vulnerable Software and Affected Versions: Contract Management System version 2.0 Description: The issue is related to a weak default password in the Contract Management System, which allows attackers to access database connection information. Recommendations: For Contract Management...

The Gravity.sol should have pause/unpause functionality

Lines of code Vulnerability details Impact In case a hack is occuring or an exploit is discovered, the team or validators in this case should be able to pause functionality until the necessary changes are made to the system. Additionally, the gravity.sol contract should be manged by proxy so that...

Security Bulletin: IBM Emptoris Contract Management is vulnerable to unspecified vulnerability due to Oracle Database Server (CVE-2021-35576)

Summary IBM Emptoris Contract Management supports usage of Oracle Database Server as a backend application database. Oracle Database Server is vulnerable to unspecified vulnerabilities that has been addressed. Vulnerability Details CVEID: CVE-2021-35576 DESCRIPTION: An unspecified vulnerability i...