13 matches found
EUVD-2020-2538
Malware in sbrugna...
CVE-2020-25071
Nifty Project Management Web Application 2020-08-26 allows XSS, via Add Task, that is rendered upon a Project Home visit. Note: It has been argued that this is not reproducible. "The original issue was that the task would be created and an alert would be shown on the screen. Now the task would be...
CVE-2020-10073
GitLab EE 12.4.2 through 12.8.1 allows Denial of Service. It was internally discovered that a potential denial of service involving permissions checks could impact a project home page...
Tuleap security vulnerability
Tuleap is an open source application lifecycle management system that facilitates agile software development, design projects, V-modeling, requirements management and IT service management. A security vulnerability exists in Tuleap versions prior to 14.2.99.104, which stems from a failure to...
CVE-2020-25071
Nifty Project Management Web Application 2020-08-26 allows XSS, via Add Task, that is rendered upon a Project Home visit. Note: It has been argued that this is not reproducible. "The original issue was that the task would be created and an alert would be shown on the screen. Now the task would be...
PT-2020-15930 · Nifty · Nifty Project Management Web Application
Name of the Vulnerable Software and Affected Versions: Nifty Project Management Web Application affected versions not specified Description: The issue allows for XSS via the Add Task feature, which is rendered when visiting the Project Home. The original problem involved creating a task and...
CVE-2020-10073
GitLab EE 12.4.2 through 12.8.1 allows Denial of Service. It was internally discovered that a potential denial of service involving permissions checks could impact a project home page...
CVE-2020-10073
Removed by vendor...
PT-2020-11898 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab EE versions 12.4.2 through 12.8.1 Description: The issue involves a potential denial of service related to permissions checks, which could impact a project home page. Recommendations: For GitLab EE versions 12.4.2 through 12.8.1, updat...
WPScan v3.4.0 - Black Box WordPress Vulnerability Scanner
WPScan is a free, for non-commercial use, black box WordPress vulnerability scanner written for security professionals and blog maintainers to test the security of their sites. INSTALL Prerequisites: Ruby = 2.2.2 - Recommended: 2.3.3 Curl = 7.21 - Recommended: latest - FYI the 7.29 has a segfault...
WPScan v3.3.1 - Black Box WordPress Vulnerability Scanner
WPScan is a free, for non-commercial use, black box WordPress vulnerability scanner written for security professionals and blog maintainers to test the security of their sites. INSTALL Prerequisites: Ruby = 2.2.2 - Recommended: 2.3.3 Curl = 7.21 - Recommended: latest - FYI the 7.29 has a segfault...
Redmine cross-site scripting vulnerability (CNVD-2017-31961)
Redmine is a set of open source Web-based project management and defect tracking tools. The tool provides project management, issue tracking and role-based access control and other features. A cross-site scripting vulnerability exists in the Textile and Markdown text formatting and project hom...
Community Translate - Remote File Inclusion
Community Translate - Remote File Inclusion o Community Translate Remote File Inclusion Vulnerability Software : Community Translate Project Home : http://code.google.com/p/communitytranslate/ Author : NoGe Contact : nogedotcodeatgmaildotcom Blog : http://evilc0de.blogspot.com/ Home :...