12 matches found
EUVD-2019-15493
Malware in sbrugna...
CVE-2022-30028
Dradis Professional Edition before 4.3.0 allows attackers to change an account password via reusing a password reset token...
CVE-2022-30028
Dradis Professional Edition before 4.3.0 allows attackers to change an account password via reusing a password reset token...
CVE-2022-30028
Dradis Professional Edition before 4.3.0 allows attackers to change an account password via reusing a password reset token...
CVE-2022-30028
Dradis Professional Edition before 4.3.0 allows attackers to change an account password via reusing a password reset token...
Default credentials
Dradis Professional Edition before 4.3.0 allows attackers to change an account password via reusing a password reset token...
CVE-2022-30028
Dradis Professional Edition (affected: prior to 4.3.0) is vulnerable to password change via reusing a password reset token in the password reset flow. Root cause: token reuse during reset enables an attacker to set a new password for an account. Impact: unauthorized password change as described i...
CVE-2022-30028
Dradis Professional Edition before 4.3.0 allows attackers to change an account password via reusing a password reset token...
Dradis 竞争条件问题漏洞
Dradis is a suite of reporting and collaboration tools for information security teams. A competitive condition issue vulnerability exists in Dradis Professional Edition 4.3.0 and prior versions, which stems from a vulnerability that allows an attacker to change an account password via a password...
CVE-2019-5925
Cross-site scripting vulnerability in Dradis Community Edition Dradis Community Edition v3.11 and earlier and Dradis Professional Edition v3.1.1 and earlier allow remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2019-5925
Cross-site scripting vulnerability in Dradis Community Edition Dradis Community Edition v3.11 and earlier and Dradis Professional Edition v3.1.1 and earlier allow remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors...
Dradis Community Edition and Dradis Professional Edition vulnerable to cross-site scripting
Overview Dradis Community Edition and Dradis Professional Edition provided by Security Roots Ltd contain a cross-site scripting vulnerability CWE-79. Ohji Kashiwazaki of Ierae Security, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...