6 matches found
Cross-site Scripting (XSS)
Overview krayin/laravel-crm is a hand tailored CRM framework built on some of the hottest opensource technologies such as Laravel a PHP framework and Vue.js a progressive Javascript framework. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the organization name...
Open-AudIT Professional Cross-Site Scripting Vulnerability (CNVD-2018-19866)
Open-AudIT is a network discovery and auditing program. The program intelligently scans networks and network devices and provides status reports. A cross-site scripting vulnerability exists in Orgs Page in Open-AudIT Professional Edition version 2.2.7. A remote attacker can exploit this...
McAfee Vulnerability Manager Enterprise Manager Component Cross-Site Request Forgery Vulnerability
McAfee Vulnerability Manager is a security risk management solution from McAfee USA. A cross-site request forgery vulnerability exists in the Organizations and Remediation administration page in the Enterprise Manager component of McAfee Vulnerability Manager, which allows remote attackers to...
McAfee Vulnerability Manager 'Organizations' Cross-Site Request Forgery Vulnerability
McAfee Vulnerability Manager is a vulnerability management application. A cross-site request forgery vulnerability exists on the McAfee Vulnerability Manager 'Organizations' page, which allows remote attackers to construct malicious URIs, trick users into parsing them, and can target user context...
CVE-2015-7612
Multiple cross-site request forgery CSRF vulnerabilities in the Organizations page in Enterprise Manager in McAfee Vulnerability Manager MVM 7.5.9 and earlier allow remote attackers to hijack the authentication of administrators for requests that have unspecified impact via unknown vectors...
CVE-2015-7612
Multiple cross-site request forgery CSRF vulnerabilities in the Organizations page in Enterprise Manager in McAfee Vulnerability Manager MVM 7.5.9 and earlier allow remote attackers to hijack the authentication of administrators for requests that have unspecified impact via unknown vectors...