9 matches found
CVE-2019-20517
ERPNext 11.1.47 allows reflected XSS via the PATHINFO to the contact/ URI...
CVE-2019-20517
ERPNext 11.1.47 allows reflected XSS via the PATHINFO to the contact/ URI...
Cross site scripting
ERPNext 11.1.47 allows reflected XSS via the PATHINFO to the contact/ URI...
CVE-2019-20517
CVE-2019-20517 affects ERPNext 11.1.47 and is a reflected XSS vulnerability reachable via PATH_INFO to the /contact/ URI. The root cause noted in CNVD-2020-19000 is lack of proper validation of client-side data by the web application, allowing an attacker to execute client-side code. Public refer...
CVE-2019-17417
PbootCMS 2.0.2 allows XSS via vectors involving the Pboot/admin.php?p=/Single/index/mcode/1 and Pboot/?contact/ URIs...
Cross site scripting
PbootCMS 2.0.2 allows XSS via vectors involving the Pboot/admin.php?p=/Single/index/mcode/1 and Pboot/?contact/ URIs...
CVE-2019-17417
PbootCMS 2.0.2 allows XSS via vectors involving the Pboot/admin.php?p=/Single/index/mcode/1 and Pboot/?contact/ URIs...
Asterisk Long Contact URIs DoS Vulnerability (AST-2016-004)
Asterisk is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:digium:asterisk"; if...
Asterisk REGISTER Request Contact URI Handling DoS (AST-2016-004)
According to its SIP banner, the version of Asterisk running on the remote host is either 13.x prior to 13.8.1 or 13.1-cert prior to 13.1-cert5. It is, therefore, affected by a flaw when processing incoming REGISTER requests if the REGISTER contains an overlong URI in the Contact header. An...