Cross-Site Request Forgery (CSRF) in kunstmaan/kunstmaanbundlescms

Description There is exist multiple high impact CSRF that attacker can delete many part of applications contents. I provide the full list of CSRFs vulnerable endpoints for you. because the number of endpoints are too many I don't put the PoC.html of all of the vulnerable endpoints...

Multiple TIBCO Products Spring web flows Component Information Disclosure Vulnerability

TIBCO JasperReports Server and so on are the products of the United States TIBCO Software Corporation.TIBCO JasperReports Server is a report generation and editing tools for the server version , TIBCO JasperReports Server Community Edition is its community edition. Spring web flows is one of the...

UBUNTU-CVE-2018-5430

The Spring web flows of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for ActiveMatrix BPM, TIBCO Jaspersoft for AWS with Multi-Tenancy, and TIBCO Jaspersoft Reporting and Analytics for AWS contain a vulnerability which...

PT-2007-5051 · Jwig · Jwig

Name of the Vulnerable Software and Affected Versions: JWIG affected versions not specified Description: The issue might allow context-dependent attackers to cause a denial of service service degradation via loops of references to external templates. However, it has been disputed by multiple thir...