12 matches found
Web-School ERP 跨站脚本漏洞
Web-School ERP is an application from Web-School India, Inc. An ERP application. A cross-site scripting vulnerability exists in School ERP Pro+Responsive version 1.0, which originates from a cross-site scripting vulnerability in the /schoolerp/officeadmin/ page for the esbankacc, esbankname,...
xvm-127-205.dc2.ghst.net Cross Site Scripting vulnerability OBB-3876476
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
i-tools-dc2.net Cross Site Scripting vulnerability OBB-3512677
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2022-35115
IceWarp WebClient DC2 - Update 2 Build 9 13.0.2.9 was discovered to contain a SQL injection vulnerability via the search parameter at /webmail/server/webmail.php...
CVE-2022-35115
IceWarp WebClient DC2 - Update 2 Build 9 13.0.2.9 was discovered to contain a SQL injection vulnerability via the search parameter at /webmail/server/webmail.php...
CVE-2022-35115
IceWarp WebClient DC2 Update 2 Build 9 (13.0.2.9) is affected by a SQL injection vulnerability exploitable via the search parameter in /webmail/server/webmail.php. The issue yields a CVSSv3.1 score of 9.8 (CRITICAL) with Network attack vector, no user interaction, and requires no privileges. The ...
webx14.dc2.polarcom.it Cross Site Scripting vulnerability OBB-2361502
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CORE FORCE Firewall 0.95.167 and Registry Modules Multiple Local Kernel Buffer Overflow Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/27341/info CORE FORCE Firewall and Registry modules are prone to multiple local kernel buffer-overflow vulnerabilities because the software fails to adequately verify user-supplied input. Local attackers can exploit these...
CORE FORCE Firewall 0.95.167 and Registry Modules - Multiple Local Kernel Buffer Overflow Vulnerabilities
CORE FORCE Firewall 0.95.167 and Registry Modules - Multiple Local Kernel Buffer Overflow Vulnerabilities source: https://www.securityfocus.com/bid/27341/info CORE FORCE Firewall and Registry modules are prone to multiple local kernel buffer-overflow vulnerabilities because the software fails to...
CORE FORCE Firewall 0.95.167 and Registry Modules - Multiple Local Kernel Buffer Overflow Vulnerabilities
source: https://www.securityfocus.com/bid/27341/info CORE FORCE Firewall and Registry modules are prone to multiple local kernel buffer-overflow vulnerabilities because the software fails to adequately verify user-supplied input. Local attackers can exploit these issues to cause denial-of-service...
VMware Workstation VMStor-60驱动本地溢出漏洞
BUGTRAQ ID: 25441 VMware Workstation是一款非常流行的虚拟PC机软件。 VMware Workstation的vmstor-60驱动中存在缓冲区溢出漏洞,本地攻击者可能利用此漏洞提升自己的权限。 如果向该驱动发送的IOCTL代码FsSetVoleInformation的子代码FsSetFileInformation设置了很大的缓冲区,但将其最大大小报告为1024字节的话,就可能触发这个溢出,导致以内核权限执行任意指令。 VMWare Workstation 6.0 临时解决方法: 在设备管理器中禁用vstor-ws60驱动。 厂商补丁: VMWare...
Bing Bar DC2 4-5
...