CVE-2020-26049

Nifty-PM CPE 2.3 is affected by stored HTML injection. The impact is remote arbitrary code execution...

Niftypm Injection Vulnerability

Niftypm is a project management application from Niftypm USA. The application centralizes modern work content and supports features such as chat, tasks, documents, calendars, meetings, and more. Niftypm CPE 2.3 suffers from an injection vulnerability that originates from remote arbitrary code...

U.S. Dept Of Defense: CSRF to Stored HTML injection at https://www.█████

Description: I have found out that on the https://www.███████ domain, you initiate POST request in order to look up for case studies, the parameter keyword on the request, allows the usage of bad characters such as Click here to win 1000$!" 3. Save the POST request and craft CSRF payload. HTML...

SolarWinds Orion Platform HTML Injection Vulnerability

SolarWinds Orion Platform is a network fault and network performance management platform from SolarWinds, Inc. The platform provides real-time monitoring and analysis of network devices and supports a customizable web interface, multiple user opinions, and a mapped view of the entire network. An...

CVE-2019-12863

SolarWinds Orion Platform 2018.4 HF3 NPM 12.4, NetPath 1.1.4 allows Stored HTML Injection by administrators via the Web Console Settings screen...

CVE-2019-12863

SolarWinds Orion Platform 2018.4 HF3 NPM 12.4, NetPath 1.1.4 allows Stored HTML Injection by administrators via the Web Console Settings screen...