CVE-2019-15037

An issue was discovered in JetBrains TeamCity 2018.2.4. It had several XSS vulnerabilities on the settings pages. The issues were fixed in TeamCity 2019.1...

CVE-2019-15040

JetBrains YouTrack versions before 2019.1 had a CSRF vulnerability on the settings page...

CVE-2019-15039

An issue was discovered in JetBrains TeamCity 2018.2.4. It had a possible remote code execution issue. This was fixed in TeamCity 2019.1...

CVE-2019-15042

An issue was discovered in JetBrains TeamCity 2018.2.4. It had no SSL certificate validation for some external https connections. This was fixed in TeamCity 2019.1...

CVE-2019-15038

An issue was discovered in JetBrains TeamCity 2018.2.4. The TeamCity server was not using some security-related HTTP headers. The issue was fixed in TeamCity 2019.1...

liveSite Security Breach

liveSite is an affordable platform for business websites. A security vulnerability exists in liveSite version v2019.1, which stems from a remote code execution vulnerability in the /livesite/editdesignerregion.php component...

PT-2024-19514 · Livesite · Livesite

Name of the Vulnerable Software and Affected Versions: liveSite version 2019.1 Description: The issue is related to a remote code execution RCE via the components "/livesite/edit designer region.php" or "/livesite/add email campaign.php". Recommendations: For liveSite version 2019.1, at the momen...

Grupo Crk Banking Business Platform SQL Injection Vulnerability

Grupo Crk Banking Business Platform is a business management software from Grupo Crk, Portugal. A SQL injection vulnerability exists in CRK Business Platform version 2019.1 and prior versions that stems from allowing SQL statements to be injected into the database using the strSessao parameter...

Progress Software MOVEit Transfer Cross-Site Scripting Vulnerability

Progress Software MOVEit Transfer is a suite of file transfer software from Progress Software, USA. A cross-site scripting vulnerability exists in version 2019.1 prior to 2019.1.4 and version 2019.2 prior to 2019.2.1 in Progress Software MOVEit Transfer, which stems from a REST API endpoint that ...

JetBrains TeamCity Cross-Site Scripting Vulnerability (CNVD-2019-39176)

TeamCity is a Java-based build management and continuous integration server from JetBrains. A cross-site scripting vulnerability exists in JetBrains TeamCity 2019.1, 2019.1.1. An attacker can exploit this vulnerability to send arbitrary HTTP requests to the TeamCity server in the name of the...

CVE-2019-15848

JetBrains TeamCity 2019.1 and 2019.1.1 allows cross-site scripting XSS, potentially making it possible to send an arbitrary HTTP request to a TeamCity server under the name of the currently logged-in user...

Default configuration

In several JetBrains IntelliJ IDEA versions, a Spring Boot run configuration with the default setting allowed remote attackers to execute code when the configuration is running, because a JMX server listens on all interfaces instead of listening on only the localhost interface. This issue has bee...