CVE-2019-7169

A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/menus/menus/edit/3...

Juniper ATP Cross-Site Scripting Vulnerability (CNVD-2019-24381)

Juniper Advanced Threat Prevention ATP is a suite of advanced threat protection platforms from Juniper Networks. The product supports malware detection, file analysis, and malicious IP address and URL blocking. A cross-site scripting vulnerability exists in the Golden VM menu in Juniper ATP...

CVE-2019-0023

A persistent cross-site scripting XSS vulnerability in the Golden VM menu of Juniper ATP may allow authenticated user to inject arbitrary script and steal sensitive data and credentials from a web administration session, possibly tricking a follow-on administrative user to perform administrative...

CVE-2019-0023

A persistent cross-site scripting XSS vulnerability in the Golden VM menu of Juniper ATP may allow authenticated user to inject arbitrary script and steal sensitive data and credentials from a web administration session, possibly tricking a follow-on administrative user to perform administrative...

CVE-2019-0023 Juniper ATP: Persistent Cross-Site Scripting vulnerability in the Golden VM menu

A persistent cross-site scripting XSS vulnerability in the Golden VM menu of Juniper ATP may allow authenticated user to inject arbitrary script and steal sensitive data and credentials from a web administration session, possibly tricking a follow-on administrative user to perform administrative...

Cagintranet Networks GetSimple CMS Cross-Site Scripting Vulnerability (CNVD-2019-00386)

Cagintranet Networks GetSimple CMS is an XML-based content management system CMS from Cagintranet Networks, USA. The system includes a theme selector and editor, component editor, image and file managers, and more. A cross-site scripting vulnerability exists in Cagintranet Networks GetSimple CMS...

Cross site scripting

There is Stored XSS in GetSimple CMS 3.3.12 via the admin/edit.php "post-menu" parameter, a related issue to CVE-2018-16325...

CVE-2018-19845

There is Stored XSS in GetSimple CMS 3.3.12 via the admin/edit.php "post-menu" parameter, a related issue to CVE-2018-16325...

CVE-2018-19845

CVE-2018-19845 is a stored XSS in GetSimple CMS. Multiple connected documents confirm the vulnerability in GetSimple CMS 3.3.12 via the admin/edit.php "post-menu" parameter (and related CVE-2018-16325). CNVD/OSV/ CNVD entries also reference GetSimple CMS 3.4.0.9 and the admin/edit.php title field...

CVE-2018-15006

The ZTE ZMAX Champ Android device with a build fingerprint of ZTE/Z917VL/fortune:6.0.1/MMB29M/20170327.120922:user/release-keys contains a pre-installed platform app with a package name of com.android.zte.hiddenmenu versionCode=23, versionName=6.0.1 that contains an exported broadcast receiver ap...

Apple iOS v12.1.1 - Combo Passcode Bypass Vulnerability

Document Title: =============== Apple iOS v12.1.1 - Combo Passcode Bypass Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2162 Video: https://www.vulnerability-lab.com/getcontent.php?id=2169 Vulnerability Magazine:...

December 11, 2018—KB4471324 (OS Build 17134.471)

December 11, 2018—KB4471324 OS Build 17134.471 Note: Because of minimal operations during the holidays and upcoming Western new year, there won’t be any preview releases for the month of December 2018. Monthly servicing will resume with the January 2019 security releases. Improvements and fixes...

App Shortcuts with Receiver for Windows

This article is intended for Citrix administrators and technical teams only. Non-admin users must contact their company’s Help Desk/IT support team and can refer to CTX297149 for more information. As a Receiver administrator, you can configure Receiver for Windows 4.x to automatically place...

Responsive Menus - Moderately critical - Cross site scripting - SA-CONTRIB-2018-079

This module enables you to collapse your sites main menu on mobile, and show a menu toggle button. The module doesn't sufficiently sanitize configuration settings provided by users which leads to a Cross Site Scripting XSS vulnerability. This vulnerability is mitigated by the fact that an attacke...

Parrot Security 4.3 - Security GNU/Linux Distribution Designed with Cloud Pentesting and IoT Security in Mind

Parrot 4.3 is now available for download. This release provides security and stability updates and is the starting point for the plan to develop an LTS edition of Parrot. Linux 4.18 Linux was updated to the 4.18.10 version, and linux 4.19 will be released soon. Firefox 63 Firefox 63 provides...

CVE-2018-18943

An issue was discovered in baserCMS before 4.1.4. In the Register New Category feature of the Upload menu, the category name can be used for XSS via the dataUploaderCategoryname parameter to an admin/uploader/uploadercategories/edit URI...

Cross site scripting

An XSS issue was discovered in SEMCMS 3.4 via admin/SEMCMSMenu.php?lgid=1 during editing...

When refreshing the WEM Agent, existing Start Menu items not defined through a WEM application assignment are not being deleted automatically.

When refreshing the WEM Agent, existing Start Menu items not defined through a WEM application assignment are not being deleted automatically...

Authorities search & seize properties of GTA V’s “Infamous” cheat developers

By Carolina Cheat developers are constantly under the radar of Take-Two Interactive and Rockstar Games. Both companies have previously taken legal action against cheat developers for protecting their games including the very popular Grand Theft Auto V GTA V. Last month, they launched an operation...

April 12, 2016 — KB3147461 (OS Build 10240.16769)

April 12, 2016 — KB3147461 OS Build 10240.16769 This update includes quality improvements and security fixes. No new operating system features are being introduced in this update. Key changes include: Improved reliability for Windows Explorer, Bluetooth, application deployment service, Microsoft...