Fedora Update for glpi FEDORA-2019-c36819bf25

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for glpi FEDORA-2019-a66789a334

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 29 Update: glpi-9.3.4-1.fc29

GLPI is the Information Resource-Manager with an additional Administration- Interface. You can use it to build up a database with an inventory for your company computer, software, printers.... It has enhanced functions to make the daily life for the administrators easier, like a job-tracking-syst...

[SECURITY] Fedora 29 Update: glpi-9.3.3-2.fc29

GLPI is the Information Resource-Manager with an additional Administration- Interface. You can use it to build up a database with an inventory for your company computer, software, printers.... It has enhanced functions to make the daily life for the administrators easier, like a job-tracking-syst...

[SECURITY] Fedora 30 Update: glpi-9.4.1.1-1.fc30

GLPI is the Information Resource-Manager with an additional Administration- Interface. You can use it to build up a database with an inventory for your company computer, software, printers.... It has enhanced functions to make the daily life for the administrators easier, like a job-tracking-syst...

Cross-Site Scripting (XSS)

Red Hat JBoss Operations Network is vulnerable to cross-site scripting XSS. Lack of input validation in the Administration Interface allows remote attackers to inject arbitrary Javascript into a victim's browser to steal session tokens or perform unwanted actions on behalf of the user...

CVE-2018-12409

The SOAP Admin API component of TIBCO Software Inc.'s TIBCO Silver Fabric contains a vulnerability that may allow reflected cross-site scripting XSS attacks. Affected releases are TIBCO Software Inc.'s TIBCO Silver Fabric: versions up to and including 5.8.1...

CVE-2018-6443

A vulnerability in Brocade Network Advisor Versions before 14.3.1 could allow an unauthenticated, remote attacker to log in to the JBoss Administration interface of an affected system using an undocumented user credentials and install additional JEE applications. A remote unauthenticated user who...

CVE-2018-6443

A vulnerability in Brocade Network Advisor Versions before 14.3.1 could allow an unauthenticated, remote attacker to log in to the JBoss Administration interface of an affected system using an undocumented user credentials and install additional JEE applications. A remote unauthenticated user who...

CVE-2018-20600

sadmin\cedit.php in UCMS 1.4.7 has XSS via an index.php sadmincedit action...

GPON ONT Home Gateway Router is vulnerable to authenticated remote command execution (CVE-2018-10562)

Binary data gponcve-2018-10562.nbin...

CVE-2018-4019

An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE processes the parameters of a specific POST request. The attacker can exploit this and gain the ability to execute arbitrary commands on the system. An attacker needs to be able to send authenticated...

CVE-2018-4021

An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE processes the parameters of a specific POST request. The attacker can exploit this and gain the ability to execute arbitrary commands on the system. An attacker needs to be able to send authenticated...

CVE-2018-4020

An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE processes the parameters of a specific POST request. The attacker can exploit this and gain the ability to execute arbitrary commands on the system. An attacker needs to be able to send authenticated...

CMS Made Simple 2.2.7 - (Authenticated) Remote Code Execution

CMS Made Simple 2.2.7 - Authenticated Remote Code Execution Exploit Title: CMS Made Simple 2.2.7 - Remote Code Execution Date: 2018-11-04 Exploit Author: Lucian Ioan Nitescu Contact: https://twitter.com/LucianNitescu Webiste: https://nitesculucian.github.io Vendor Homepage:...

CMS Made Simple 2.2.7 - (Authenticated) Remote Code Execution

Exploit Title: CMS Made Simple 2.2.7 - Remote Code Execution Date: 2018-11-04 Exploit Author: Lucian Ioan Nitescu Contact: https://twitter.com/LucianNitescu Webiste: https://nitesculucian.github.io Vendor Homepage: https://www.cmsmadesimple.org/ Software Link:...

EC-CUBE Payment Module and GMO-PG Payment Module Cross-Site Scripting Vulnerabilities

LOCKON EC-CUBE is an open source e-commerce website building platform developed by LOCKON Japan. The platform supports product login, user evaluation, art layout, etc. EC-CUBE Payment Module and GMO-PG Payment Module are payment modules developed by Japan GMO Payment Gateway Company which are use...

CVE-2018-6677

Directory Traversal vulnerability in the administrative user interface in McAfee Web Gateway MWG MWG 7.8.1.x allows authenticated administrator users to gain elevated privileges via unspecified vectors...

[SECURITY] Fedora 28 Update: glpi-9.2.4-2.fc28

GLPI is the Information Resource-Manager with an additional Administration- Interface. You can use it to build up a database with an inventory for your company computer, software, printers.... It has enhanced functions to make the daily life for the administrators easier, like a job-tracking-syst...

SeaCMS Cross-Site Request Forgery Vulnerability

SeaCMS Ocean CMS is a professional open source free PHP film and television system. SeaCMS version 6.61 suffers from a cross-site request forgery vulnerability, which can be exploited by an attacker to add a user account via adm1n/adminmanager.php?action=add...