6 matches found
CVE-2026-30587
Multiple Stored XSS vulnerabilities exist in Seafile Server version 13.0.15,13.0.16-pro,12.0.14 and prior and fixed in 13.0.17, 13.0.17-pro, and 12.0.20-pro, via the Seadoc sdoc editor. The application fails to properly sanitize WebSocket messages regarding document structure updates. This allows...
Frappe Framework Input Validation Error Vulnerability
Frappe Technologies Frappe Framework is a metadata-driven full-stack web application framework based on Python and JavaScript from Frappe Technologies, India. A security vulnerability exists in Frappe Framework 12 and 13 that stems from not properly validating Frappe's HTTP methods...
CVE-2018-14808
Emerson AMS Device Manager v12.0 to v13.5. Non-administrative users are able to change executable and library files on the affected products...
ZOHO ManageEngine Applications Manager SQL Injection Vulnerability (CNVD-2017-05226)
ZOHO ManageEngine Applications Manager is a set of application performance monitoring software from the U.S. company ZOHO ZOHO. A SQL injection vulnerability exists in ZOHO ManageEngine Applications Manager versions 12 and 13. A remote attacker can exploit this vulnerability to execute arbitrary...
ZOHO ManageEngine Applications Manager XML External Entity Injection Vulnerability
ZOHO ManageEngine Applications Manager is a set of application performance monitoring software from the U.S. company ZOHO ZOHO. An XML external entity injection vulnerability exists in ZOHO ManageEngine Applications Manager versions 12 and 13. An attacker can exploit this vulnerability to read...
ZOHO ManageEngine Applications Manager Cross-Site Scripting Vulnerability
ZOHO ManageEngine Applications Manager is a set of application performance monitoring software from ZOHO. A cross-site scripting vulnerability exists in ZOHO ManageEngine Applications Manager versions 12 and 13. A remote attacker can exploit this vulnerability to inject arbitrary script code and...