CVE-2018-18930

The Tightrope Media Carousel digital signage product 7.0.4.104 contains an arbitrary file upload vulnerability in the Manage Bulletins/Upload feature, which can be leveraged to gain remote code execution. An authenticated attacker can upload a crafted ZIP file based on an exported backup of...

CVE-2019-11198

Multiple cross-site scripting XSS vulnerabilities in Sitecore CMS 9.0.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 300583 - List Manager Dashboard module, 2 307638 - Campaign Creator module, 3 316994 - Attributes field, 4 I316995 - Icon Selection module, 5...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Sitecore CMS 9.0.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 300583 - List Manager Dashboard module, 2 307638 - Campaign Creator module, 3 316994 - Attributes field, 4 I316995 - Icon Selection module, 5...

CVE-2019-11198

Multiple cross-site scripting XSS vulnerabilities in Sitecore CMS 9.0.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 300583 - List Manager Dashboard module, 2 307638 - Campaign Creator module, 3 316994 - Attributes field, 4 I316995 - Icon Selection module, 5...

SQL Injection Vulnerability in Business Management Platform System Da***.aspx

Shenzhen Consulting Micro Information Technology Co., Ltd. is a company engaged in the research and development of management software platform. SQL injection vulnerability exists in the business management platform system Da.aspx, which can be exploited by attackers to obtain sensitive informati...

Improper access control

Temenos CWX version 8.9 has an Broken Access Control vulnerability in the module /CWX/Employee/EmployeeEdit2.aspx, leading to the viewing of user information...

CVE-2019-13403

Temenos CWX version 8.9 has an Broken Access Control vulnerability in the module /CWX/Employee/EmployeeEdit2.aspx, leading to the viewing of user information...

CVE-2019-10935

A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier All versions, SIMATIC PCS 7 V8.1 All versions V8.1 with WinCC V7.3 Upd 19, SIMATIC PCS 7 V8.2 All versions V8.2 SP1 with WinCC V7.4 SP1 Upd 11, SIMATIC PCS 7 V9.0 All versions V9.0 SP2 with WinCC V7.4 SP1 Upd11, SIMATIC WinCC...

CVE-2019-10935

A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier All versions, SIMATIC PCS 7 V8.1 All versions V8.1 with WinCC V7.3 Upd 19, SIMATIC PCS 7 V8.2 All versions V8.2 SP1 with WinCC V7.4 SP1 Upd 11, SIMATIC PCS 7 V9.0 All versions V9.0 SP2 with WinCC V7.4 SP1 Upd11, SIMATIC WinCC...

Design/Logic Flaw

A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier All versions, SIMATIC PCS 7 V8.1 All versions V8.1 with WinCC V7.3 Upd 19, SIMATIC PCS 7 V8.2 All versions V8.2 SP1 with WinCC V7.4 SP1 Upd 11, SIMATIC PCS 7 V9.0 All versions V9.0 SP2 with WinCC V7.4 SP1 Upd11, SIMATIC WinCC...

CVE-2019-10935

A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier All versions, SIMATIC PCS 7 V8.1 All versions V8.1 with WinCC V7.3 Upd 19, SIMATIC PCS 7 V8.2 All versions V8.2 SP1 with WinCC V7.4 SP1 Upd 11, SIMATIC PCS 7 V9.0 All versions V9.0 SP2 with WinCC V7.4 SP1 Upd11, SIMATIC WinCC...

CVE-2019-10935

CVE-2019-10935 applies to Siemens SIMATIC WinCC/PCS7 family (PCS 7 v8.x/9.x and WinCC variants) where the WinCC DataMonitor web application allows an authenticated, network-accessible attacker to upload arbitrary ASPX code. The vulnerability enables unrestricted file upload without user interacti...

GHSA-958R-G534-CCMR MadsKristensen.AspNetCore.Miniblog subject to Improper Input Validation

madskristensen Miniblog.Core through 2019-01-16 allows remote attackers to execute arbitrary ASPX code via an IMG element with a data: URL, because SaveFilesToDisk in Controllers/BlogController.cs writes a decoded base64 string to a file without validating the extension...

Design/Logic Flaw

madskristensen MiniBlog through 2018-05-18 allows remote attackers to execute arbitrary ASPX code via an IMG element with a data: URL, because SaveFilesToDisk in appcode/handlers/PostHandler.cs writes a decoded base64 string to a file without validating the extension...

CVE-2019-9842

CVE-2019-9842 affects madskristensen MiniBlog (through 2018-05-18). The root cause is in SaveFilesToDisk (app_code/handlers/PostHandler.cs), which writes a decoded base64 string to a file without validating the extension, enabling a remote attacker to execute arbitrary ASPX code via an IMG elemen...

CVE-2019-9842

madskristensen MiniBlog through 2018-05-18 allows remote attackers to execute arbitrary ASPX code via an IMG element with a data: URL, because SaveFilesToDisk in appcode/handlers/PostHandler.cs writes a decoded base64 string to a file without validating the extension...

SQL Injection Vulnerability in Se***.aspx Page of Qixing Conference Booking System

Qixing Meeting Booking System is a meeting booking system that prevents meeting conflicts and allows you to view the utilization rate of each meeting room in order to optimize the configuration of the meeting room. A SQL injection vulnerability exists in the Se.aspx page of the Qixing Meeting...

Remote Code Execution (RCE)

MadsKristensen.AspNetCore.Miniblog is vulnerable to remote code execution. A remote attacker is able to execute arbitrary ASPX code by uploading a malicious IMG element with a data: URL, which will be executed when the SaveFilesToDisk function in Controllers/BlogController.cs writes a decoded...

Design/Logic Flaw

madskristensen Miniblog.Core through 2019-01-16 allows remote attackers to execute arbitrary ASPX code via an IMG element with a data: URL, because SaveFilesToDisk in Controllers/BlogController.cs writes a decoded base64 string to a file without validating the extension...

CVE-2019-9845

madskristensen Miniblog.Core through 2019-01-16 allows remote attackers to execute arbitrary ASPX code via an IMG element with a data: URL, because SaveFilesToDisk in Controllers/BlogController.cs writes a decoded base64 string to a file without validating the extension...