Lucene search
+L

776 matches found

Fedora
Fedora
added 2017/08/10 4:56 p.m.22 views

[SECURITY] Fedora 26 Update: php-horde-nag-4.2.15-1.fc26

Nag is a web-based application built upon the Horde Application Framework which provides a simple, clean interface for managing online task lists i.e., todo lists. It also includes strong integration with the other Horde applications and allows users to share task lists or enable light-weight...

3AI score
Exploits0
myhack58
myhack58
added 2017/08/04 12:0 a.m.29 views

The U.S. Department of Justice is how to build a vulnerability disclosure plan framework-vulnerability warning-the black bar safety net

The U.S. Department of Justice(DOJ criminal sector of the network security division recently created the“online system vulnerability disclosure framework”, designed to help organizations develop a formal vulnerability disclosure program. ! In fact, now more and more business organizations have...

7.3AI score
Exploits0
CNVD
CNVD
added 2017/08/03 12:0 a.m.4 views

HPE Project and Portfolio Management Center Cross-Site Scripting Vulnerability

HPE Project and Portfolio Management Center PPM is a suite of solutions from Hewlett Packard Enterprise HPE that provides project executives with the visibility and strategic operational needs to make decisions based on real-time visibility into the project lifecycle of the project portfolio. A...

5.4CVSS5.6AI score0.00792EPSS
Exploits0References1
CNVD
CNVD
added 2017/05/08 12:0 a.m.1 views

Elevation of Privilege Vulnerability in WSS Project Management System

WSS Project Management System is a browser-based collaborative office platform that integrates "Project Management", "Task Management", "Work Hour Management", "Work Log Management" and "Work Log Management". management" as one of the collaborative office platform. An elevation of privilege...

7.2AI score
Exploits0
CNVD
CNVD
added 2017/04/18 12:0 a.m.3 views

Zendo Project Management Software Open Source 9.1.1 SQL Injection Vulnerability

Zendo is an open source project management software. Zendo Project Management Software Open Source 9.1.1 SQL injection vulnerability exists in module\block\control.php page. Due to the lack of filtering of the 'main' parameter, allowing attackers to exploit the vulnerability to obtain sensitive...

7.9AI score
Exploits0
CNVD
CNVD
added 2017/04/17 12:0 a.m.2 views

Remote Command Execution Vulnerability in Zendo Project Management System

Zendo Project Management System is an open source project management software. A remote command execution vulnerability exists in Zendo Project Management System. It allows an attacker to remotely execute commands and gain server privileges...

7.8AI score
Exploits0
CNVD
CNVD
added 2017/04/05 12:0 a.m.4 views

Design flaws in the backend of Zendo project management software of Qingdao Easoft Tianchuang Network Technology Co.

Zendo is open source free project management software. Qingdao Easoft Tianchuang Network Technology Co., Ltd Zendo project management software backend there are design flaws vulnerabilities. Allow attackers to use the background sql query function to write webshell and gain server privileges...

7.5AI score
Exploits0
0day.today
0day.today
added 2016/10/20 12:0 a.m.43 views

ManageEngine ServiceDesk Plus 9.2 Build 9207 Information Disclosure Vulnerability

Exploit for jsp platform in category web applications Title: ManageEngine ServiceDesk Plus Low Privileged User View All Tickets Date: 18 October 2016 Author: p0z Vendor: ManageEngine Vendor Homepage: https://www.manageengine.com/ Product: ServiceDesk Plus Version: 9.2 Build 9207 Other versions...

7.1AI score
Exploits0
hackapp
hackapp
added 2016/09/19 8:8 a.m.61 views

Wrike - Project Management - Base64 encoded String, Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Wrike - Project Management published at the 'play' market has multiple vulnerabilities...

1AI score
Exploits0References1Affected Software1
CNVD
CNVD
added 2016/08/25 12:0 a.m.2 views

Arbitrary File Upload Vulnerability in Jianwen Project Management System

Jianwen project management system is a .net developed cycle management system applied to a variety of engineering projects There is an arbitrary file upload vulnerability in the Jianwen Project Management System: File upload vulnerability address:...

7.1AI score
Exploits0References1
CNVD
CNVD
added 2016/08/24 12:0 a.m.1 views

SQL Injection Vulnerability in Kin Man Project Management System

Jianwen project management system is a .net developed cycle management system applied to a variety of engineering projects Jianwen Project Management System suffers from SQL injection vulnerability and arbitrary file upload vulnerability: SQL injection vulnerability URL is:...

8.2AI score
Exploits0References1
CNVD
CNVD
added 2016/07/21 12:0 a.m.6 views

Unspecified Vulnerability in Oracle Primavera P6 Enterprise Project Portfolio Management (CNVD-2016-05451)

Oracle Primavera is a set of Oracle Oracle for project-intensive industries enterprise project portfolio management EPPM solution. The solution helps organizations assess project risks and rewards, determine the resources and skills needed to get the job done, and more. A security vulnerability i...

6.1CVSS6.7AI score0.01708EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.9 views

The vulnerability of the Microsoft Project project management software allows a remote attacker to execute arbitrary code and gain control over the system.

Microsoft Project software has vulnerabilities related to errors that occur during the processing of specially crafted files. Exploiting these vulnerabilities allows a malicious attacker to execute arbitrary code and gain full control over the system...

9CVSS6.1AI score0.12778EPSS
Exploits0References4
CNVD
CNVD
added 2016/06/13 12:0 a.m.6 views

Multiple Vulnerabilities in HPE Project and Portfolio Management Center

HPE Project and Portfolio Management Center PPM is a suite of solutions from Hewlett Packard Enterprise HPE that provides project executives with the visibility and strategic operational needs to make decisions based on real-time visibility into the project lifecycle of the project portfolio. An...

8.8CVSS7.3AI score0.02326EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2016/03/23 12:0 a.m.25 views

Debian Security Advisory DSA 3529-1 (redmine - security update)

Multiple vulnerabilities have been found in Redmine, a project management web application, which may result in information disclosure. OpenVAS Vulnerability Test $Id: deb3529.nasl 6608 2017-07-07 12:05:05Z cfischer $ Auto-generated from advisory DSA 3529-1 using nvtgen 1.0 Script version: 1.0...

5.8CVSS5.7AI score0.01931EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2016/03/22 12:0 a.m.26 views

Debian: Security Advisory (DSA-3529-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.4CVSS5.3AI score0.01931EPSS
Exploits0References3
CNVD
CNVD
added 2015/12/17 12:0 a.m.6 views

Redmine Information Disclosure Vulnerability

Redmine is a set of open source Web-based project management and defect tracking tools . An information disclosure vulnerability exists in Redmine. An attacker can exploit this vulnerability to obtain sensitive information...

4.3CVSS6.2AI score0.01719EPSS
Exploits0References1
seebug.org
seebug.org
added 2015/11/26 12:0 a.m.26 views

用友项目管理系统设计不当可以登入获取大量敏感信息

简要描述: 用友项目管理系统设计不当可以登入获取大量敏感信息 详细说明: 用友产品缺陷管理系统使用了JIRA,对外网开放了后台访问和注册权限,导致可以任意注册用进行登录查看相关项目信息 泄露后台:http://123.103.9.112/login.jsp 注册地址:http://123.103.9.112/secure/Signup!default.jspa 漏洞证明:...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2015/11/23 12:0 a.m.21 views

Celoxis 9.5 Cross Site Scripting

================================================================ Celoxis alert"XSS" Advisory Timeline -------------------- 08/10/2015 - Informed Vendor about Issue 08/10/2015 - Vendor responded 12/11/2015 - Reminded Vendor 14/11/2015 - Vendor responded saying 'they changed the framework itself to...

0.1AI score
Exploits0
0day.today
0day.today
added 2015/11/23 12:0 a.m.20 views

Celoxis 9.5 Cross Site Scripting Vulnerability

Celoxis versions 9.5 and below suffer from a cross site scripting vulnerability. ================================================================ Celoxis alert"XSS" Advisory Timeline -------------------- 08/10/2015 - Informed Vendor about Issue 08/10/2015 - Vendor responded 12/11/2015 - Reminded...

6.7AI score
Exploits0
Rows per page
Query Builder