12 matches found
EUVD-2018-20328
Malware in sbrugna...
EUVD-2018-9581
Malware in sbrugna...
EUVD-2022-53441
Malicious code in bioql PyPI...
CVE-2022-23049
Exponent CMS 2.6.0patch2 allows an authenticated user to inject persistent JavaScript code on the "User-Agent" header when logging in. When an administrator user visits the "User Sessions" tab, the JavaScript will be triggered allowing an attacker to compromise the administrator session...
CVE-2022-32244
Under certain conditions an attacker authenticated as a CMS administrator can access the BOE Commentary database and retrieve non-personal system data, modify system data but can't make the system unavailable. This needs the attacker to have high privilege access to the same physical/logical network ...
CVE-2019-13370
index.php/admin/permissions in Ignited CMS through 2017-02-19 allows CSRF to add an administrator...
SAP BusinessObjects Business Intelligence Platform 4.3 < 4.3 SP2 P5 Information Disclosure
The version of SAP BusinessObjects Business Intelligence Platform installed on the remote Windows host is prior to 4.3 SP2 P5 or 4.3 SP3. It is, therefore, affected by an information disclosure vulnerability. A remote attacker, authenticated as a CMS administrator can access the BOE Monitoring...
CVE-2022-32244
Under certain conditions an attacker authenticated as a CMS administrator can access the BOE Commentary database and retrieve non-personal system data, modify system data but can't make the system unavailable. This needs the attacker to have high privilege access to the same physical/logical network ...
Authentication flaw
Under certain conditions an attacker authenticated as a CMS administrator can access the BOE Commentary database and retrieve non-personal system data, modify system data but can't make the system unavailable. This needs the attacker to have high privilege access to the same physical/logical network ...
CVE-2022-32244
Under certain conditions an attacker authenticated as a CMS administrator can access the BOE Commentary database and retrieve non-personal system data, modify system data but can't make the system unavailable. This needs the attacker to have high privilege access to the same physical/logical network ...
SAP BusinessObjects Business Intelligence Platform 4.2 < 4.2 SP9 P9 / 4.3 < 4.3 SP2 P5 Multiple Vulnerabilities
The version of SAP BusinessObjects Business Intelligence Platform installed on the remote Windows host is prior to 4.2 SP9 P9, 4.3 SP2 P5 or 4.3 SP3. It is, therefore, affected by multiple vulnerabilities: - An unauthenticated, remote attacker can view any data available for a...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. EZ Publish: privilege escalation from user to CMS Administrator + Privilege escalation from CMS Administrator to system user...