322 matches found
Singularity has an unspecified vulnerability
Singularity is an open source container management platform from the Singularity team Singularity. The software supports building applications on their desktops and running hundreds or thousands of instances on any public cloud or at the compute edge. A security vulnerability exists in versions...
forum-java is vulnerable to XSS
forum-java is an open source modern community platform. forum-java has an XSS vulnerability that can be exploited by attackers to obtain sensitive information such as user cookies...
Adobe Magento SQL Injection Vulnerability
Adobe Magento is Adobe's one with PHP written in open source e-commerce platform.Magento Community Edition is the community edition, later renamed Magento Open Source, Magento Enterprise Edition is the enterprise edition, later renamed Magento Magento Enterprise Edition is the enterprise edition,...
Adobe Magento XML Injection Vulnerability
Adobe Magento is Adobe's one with PHP written in open source e-commerce platform.Magento Community Edition is the community edition, later renamed Magento Open Source, Magento Enterprise Edition is the enterprise edition, later renamed Magento Magento Enterprise Edition is the enterprise edition,...
Adobe Magento 操作系统命令注入漏洞
Adobe Magento is Adobe's one with PHP written in open source e-commerce platform.Magento Community Edition is the community edition, later renamed Magento Open Source, Magento Enterprise Edition is the enterprise edition, later renamed Magento Magento Enterprise Edition is the enterprise edition,...
Apache Airflow Encryption Problem Vulnerability
Apache Airflow is the United States Apache Apache Foundation's set of open source platform for creating, managing and monitoring workflow. The platform is scalable and dynamic monitoring and other characteristics. A security vulnerability exists in Apache Airflow versions prior to 1.10.13, which...
Cabot 0.11.12 - Persistent Cross-Site Scripting
Exploit Title: Cabot 0.11.12 - Persistent Cross-Site Scripting Date: 2020-09-06 Exploit Author: Abhiram V Vendor Homepage: https://cabotapp.com/ Software Link: https://github.com/arachnys/cabot Version: 0.11.12 Tested on: Ubuntu Linux Introduction Cabot is a free, open-source, self-hosted...
Unspecified vulnerability in MISP (CNVD-2020-51415)
MISP is an open source software solution. The product is used to collect, store, distribute and share cybersecurity metrics and has features such as threat cybersecurity event analysis and malware analysis. A security vulnerability exists in MISP version 2.4.128, which stems from insufficient ACL...
Multiple SQL Injection Vulnerabilities in DM Enterprise Website System Backend
DM enterprise building system is developed by php + mysql a set of specialized in small and medium-sized enterprise website construction of open source cms. DM enterprise website building system background there are multiple SQL injection vulnerabilities. Attackers can use the vulnerability to...
Zimbra Code Issues Vulnerabilities
Zimbra is the United States Zimbra company's set of open source e-mail collaboration platform. A code issue vulnerability exists in the /service/upload program in the Webmail subsystem in versions of Zimbra prior to 8.8.15 Patch 10 and 9.x prior to 9.0.0 Patch 3, which can be exploited by an...
Remote Code Execution Vulnerability in O2OA System in*** Interface
O2OA is an open source and free enterprise and team office platform , providing portal management , process management , information management , data management four platforms , set of work reports , project collaboration , mobile OA , document sharing , process approval , data collaboration and...
SQL Injection Vulnerability in u*** Parameters on zzzphp sa***.php Page
zzphp is a PHP and MYSQL based CMS, free open source building system. zzzphp sa.php page u parameters exist SQL injection vulnerability, attackers can exploit the vulnerability to obtain database sensitive information...
XSS Vulnerability in WHATSNS System
WHATSNS system is a php open source Q&A system that can quickly build verticalized domains based on your business needs. WHATSNS system has an XSS vulnerability that can be exploited by attackers to obtain sensitive information...
Malware Information Sharing Platform Cross-Site Scripting Vulnerability
MISP is an open source software solution for collecting, storing, distributing and sharing cybersecurity metrics and threats cybersecurity incident analysis and malware analysis. MISP suffers from a cross-site scripting vulnerability. An attacker can exploit this vulnerability to inject arbitrary...
JVN#09460804: Knowledge vulnerable to cross-site request forgery
Knowledge provided by support-project.org is an open-source knowledge base platform. Knowledge contains a cross-site request forgery vulnerability CWE-352. Impact If a user views a malicious page while logged in, unintended operations may be performed. Solution Update the Software Update to the...
Moodle Security Bypass Vulnerability (CNVD-2017-00904)
Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment, developed by Dr. Martin Dougiamas of Australia. A security bypass vulnerability exists in Moodle. An attacker could use this...
Red Hat OpenShift Origin Information Disclosure Vulnerability
Red Hat OpenShift Origin is an open source Platform as a Service PaaS product from Red Hat, Inc. An information disclosure vulnerability exists in Red Hat OpenShift Origin, which can be exploited by attackers to obtain sensitive information...
Moodle Security Bypass Vulnerability (CNVD-2015-07117)
Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment, developed by Dr. Martin Dougiamas of Australia. A security bypass vulnerability exists in Moodle. An attacker could use this...
Android Open Source Platform (AOSP) Browser UXSS
This module exploits a Universal Cross-Site Scripting UXSS vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on 'Android Open Source Platform AOSP Browser UXSS', 'Description' = %q This module exploits a Universal Cross-Site Scriptin...
Android Open Source Platform (AOSP) Browser UXSS
This module exploits a Universal Cross-Site Scripting UXSS vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on 'Android Open Source Platform AOSP Browser UXSS', 'Description' = %q This module exploits a Universal Cross-Site Scriptin...