14 matches found
EUVD-2014-9210
Malware in sbrugna...
CVE-2020-15817
In JetBrains YouTrack before 2020.1.1331, an external user could execute commands against arbitrary issues...
CVE-2020-15817
In JetBrains YouTrack before 2020.1.1331, an external user could execute commands against arbitrary issues...
Design/Logic Flaw
In JetBrains YouTrack before 2020.1.1331, an external user could execute commands against arbitrary issues...
CVE-2020-15817
In JetBrains YouTrack before 2020.1.1331, an external user could execute commands against arbitrary issues...
CVE-2019-15003
The Customer Context Filter in Atlassian Jira Service Desk Server and Jira Service Desk Data Center before 3.9.17, from 3.10.0 before 3.16.10, from 4.0.0 before 4.2.6, from 4.3.0 before 4.3.5, from 4.4.0 before 4.4.3, and from 4.5.0 before 4.5.1 allows remote attackers with portal access to view...
CVE-2019-15003
The Customer Context Filter in Atlassian Jira Service Desk Server and Jira Service Desk Data Center before 3.9.17, from 3.10.0 before 3.16.10, from 4.0.0 before 4.2.6, from 4.3.0 before 4.3.5, from 4.4.0 before 4.4.3, and from 4.5.0 before 4.5.1 allows remote attackers with portal access to view...
Authorization
The Customer Context Filter in Atlassian Jira Service Desk Server and Jira Service Desk Data Center before 3.9.17, from 3.10.0 before 3.16.10, from 4.0.0 before 4.2.6, from 4.3.0 before 4.3.5, from 4.4.0 before 4.4.3, and from 4.5.0 before 4.5.1 allows remote attackers with portal access to view...
CVE-2019-14994
The Customer Context Filter in Atlassian Jira Service Desk Server and Jira Service Desk Data Center before version 3.9.16, from version 3.10.0 before version 3.16.8, from version 4.0.0 before version 4.1.3, from version 4.2.0 before version 4.2.5, from version 4.3.0 before version 4.3.4, and...
CVE-2019-14994
The Customer Context Filter in Atlassian Jira Service Desk Server and Jira Service Desk Data Center before version 3.9.16, from version 3.10.0 before version 3.16.8, from version 4.0.0 before version 4.1.3, from version 4.2.0 before version 4.2.5, from version 4.3.0 before version 4.3.4, and...
Code injection
bugreport.php in MantisBT before 1.2.18 allows remote attackers to assign arbitrary issues via the handlerid parameter...
CVE-2014-9388
bugreport.php in MantisBT before 1.2.18 allows remote attackers to assign arbitrary issues via the handlerid parameter...
CVE-2014-9388
CVE-2014-9388 affects MantisBT prior to 1.2.18, where bug_report.php can allow remote attackers to assign arbitrary issues via the handler_id parameter. This is a behavioral flaw in the issue assignment flow, enabling potential misrouting or manipulation of issues without authentication beyond th...
CVE-2014-9388
bugreport.php in MantisBT before 1.2.18 allows remote attackers to assign arbitrary issues via the handlerid parameter...