30 matches found
EUVD-2018-6811
Malware in sbrugna...
EUVD-2018-6809
Malware in sbrugna...
EUVD-2018-6808
Malware in sbrugna...
Matera Banco Cross-Site Scripting Vulnerability
Matera Banco is a financial management system. A cross-site scripting vulnerability exists in Matera Banco version 1.0.0. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...
Matera Banco Cross-Site Scripting Vulnerability (CNVD-2018-15767)
Matera Banco is a financial management system. A cross-site scripting vulnerability exists in Matera Banco version 1.0.0. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...
CVE-2018-14926
Matera Banco 1.0.0 allows CSRF, as demonstrated by a /contingency/web/messageSend/messageSendHandler.jsp request...
CVE-2018-14925
Matera Banco 1.0.0 mishandles Java errors in the backend, as demonstrated by a stack trace revealing use of net.sf.acegisecurity components...
Path traversal
Matera Banco 1.0.0 is vulnerable to path traversal allowing access to system files outside the default application folder via the /contingency/servlet/ServletFileDownload file parameter, related to /contingency/web/receiptQuery/receiptDisplay.jsp...
CVE-2018-14927
Matera Banco 1.0.0 is vulnerable to path traversal allowing access to system files outside the default application folder via the /contingency/servlet/ServletFileDownload file parameter, related to /contingency/web/receiptQuery/receiptDisplay.jsp...
Design/Logic Flaw
Matera Banco 1.0.0 mishandles Java errors in the backend, as demonstrated by a stack trace revealing use of net.sf.acegisecurity components...
CVE-2018-14929
Matera Banco 1.0.0 is vulnerable to multiple reflected XSS, as demonstrated by the /contingency/web/index.jsp aka home page url parameter...
Cross-site request forgery (CSRF)
Matera Banco 1.0.0 allows CSRF, as demonstrated by a /contingency/web/messageSend/messageSendHandler.jsp request...
Cross-site scripting
Matera Banco 1.0.0 is vulnerable to multiple reflected XSS, as demonstrated by the /contingency/web/index.jsp aka home page url parameter...
CVE-2018-14924
Matera Banco 1.0.0 is vulnerable to multiple stored XSS, as demonstrated by the sca/privilegio/consultarUsuario.jsf "Nome Completo" aka user fullname field...
Cross-site scripting
Matera Banco 1.0.0 is vulnerable to multiple stored XSS, as demonstrated by the sca/privilegio/consultarUsuario.jsf "Nome Completo" aka user fullname field...