CVE-2026-23757

GFI HelpDesk before 4.99.10 contains a stored cross-site scripting vulnerability in the Reports module where the title parameter is passed directly to SWIFTReport::Create without HTML sanitization. Attackers can inject arbitrary JavaScript into the report title field when creating or editing a...

CVE-2022-32367

Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/?page=inquiries/viewinquiry&id=...

PT-2019-20234 · Unknown · Smartbanner.Js

Name of the Vulnerable Software and Affected Versions: smartbanner.js versions prior to 1.14.1 Description: The issue concerns a Cross-Origin Window Reference Vulnerability. When a user clicks on the View link in the smartbanner and navigates to a third-party page, it leaves the window.opener...

IBM Rational Engineering Lifecycle Manager Information Disclosure Vulnerability (CNVD-2019-07358)

IBM Rational Engineering Lifecycle Manager is a product lifecycle management application that helps you visualize, analyze, and gain insight into engineering lifecycle data. An information disclosure vulnerability exists in IBM Rational Engineering Lifecycle Manager 5.0 - 6.0.6. A malicious user...

CVE-2018-1929

IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6 could allow a malicious user to be allowed to view any view if he knows the URL link of a the view, and access information that should not be able to see. IBM X-Force ID: 153120...