CVE-2024-31395

Cross-site scripting vulnerability exists in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.12, Ver.3.0.x series versions prior to Ver.3.0.32, Ver.2.11.x series versions prior to Ver.2.11.61, Ver.2.10.x series versions prior to Ver.2.10.53, and Ver.2.9 and earlier versions. If this...

CVE-2024-31395

CVE-2024-31395 is an XSS vulnerability in a-blog cms where an attacker with editor-or-higher privileges who can log in may trigger arbitrary JavaScript in the browser of other users on the schedule-management page. Affected versions are: 3.1.x before 3.1.12; 3.0.x before 3.0.32; 2.11.x before 2.1...

Hospital Management System Cross-Site Scripting Vulnerability (CNVD-2022-67482)

Hospital Management System is a hospital management system. The system includes patient information management, ward management, surgery schedule management and financial management, etc. A cross-site scripting vulnerability exists in Hospital Management System v1.0, which stems from the lack of...

Hospital Management System Cross-Site Scripting Vulnerability (CNVD-2022-67484)

HealthNode Hospital Management System is a hospital management system. The system includes patient information management, ward management, surgery schedule management and financial management, etc. A cross-site scripting vulnerability exists in Hospital Management System v1.0, which stems from t...

CVE-2016-6100

IBM Disposal and Governance Management for IT and IBM Global Retention Policy and Schedule Management, components of IBM Atlas Policy Suite 6.0.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that th...

CVE-2013-6321

SQL injection vulnerability in IBM Atlas eDiscovery Process Management 6.0.1.5 and earlier and 6.0.2, Disposal and Governance Management for IT 6.0.1.5 and earlier and 6.0.2, and Global Retention Policy and Schedule Management 6.0.1.5 and earlier and 6.0.2 in IBM Atlas Suite aka Atlas Policy Suit...

CVE-2013-6321

SQL injection vulnerability (CVE-2013-6321) affects IBM Atlas Suite components (Atlas eDiscovery Process Management 6.0.1.5 and earlier/6.0.2; Disposal and Governance Management for IT 6.0.1.5 and earlier/6.0.2; Global Retention Policy and Schedule Management 6.0.1.5 and earlier/6.0.2). Root caus...

[SECURITY] Fedora 18 Update: WebCalendar-1.2.7-1.fc18

WebCalendar is a PHP-based calendar application that can be configured as a single-user calendar, a multi-user calendar for groups of users, or as an event calendar viewable by visitors. MySQL, PostgreSQL, Oracle, DB2, Interbase, MS SQL Server, or ODBC is required. WebCalendar can be setup in a...

[SECURITY] Fedora 19 Update: WebCalendar-1.2.7-1.fc19

WebCalendar is a PHP-based calendar application that can be configured as a single-user calendar, a multi-user calendar for groups of users, or as an event calendar viewable by visitors. MySQL, PostgreSQL, Oracle, DB2, Interbase, MS SQL Server, or ODBC is required. WebCalendar can be setup in a...

Fedora Update for WebCalendar FEDORA-2012-1898

Check for the Version of WebCalendar OpenVAS Vulnerability Test Fedora Update for WebCalendar FEDORA-2012-1898 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

Fedora Update for WebCalendar FEDORA-2012-1934

Check for the Version of WebCalendar OpenVAS Vulnerability Test Fedora Update for WebCalendar FEDORA-2012-1934 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

JVN#31723154 LacoodaST from SpaceTag, Inc. session fixation vulnerability

LacoodaST from SpaceTag, Inc. is groupware providing schedule and task managements, etc. LacoodaST contains a session fixation vulnerability. Impact A remote attacker impersonating a logged in user could manipulate the operation with the user's privilege. As a result, disclosure or alteration of...

JVN#83428818 La!cooda WIZ and LacoodaST vulnerable to cross-site request forgery

La!cooda WIZ from System Consultants Co., Ltd. and LacoodaST from SpaceTag, Inc. are groupware providing schedule and task managements, etc. La!cooda WIZ and LacoodaST contain a cross-site request forgery vulnerability. Impact Password or other configurations may be changed if the logged in user...