3 matches found
vBulletin Clickjacking Vulnerability
vBulletin is the United States InternetBrands and vBulletinSolutions, Inc. of a PHP and MySQL-based open source Web forum program . A clickjacking vulnerability exists in versions of vBulletin prior to 5.5.4. An attacker can exploit this vulnerability to conduct clickjacking attacks against users...
Nagios XI Cross-Site Scripting Vulnerability
Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems and more. A cross-site scripting vulnerability exists in Nagios XI versions prior to 5.5.4. The vulnerability stems...
solr: Directory traversal via Index Replication HTTP API
When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path...