Lucene search
K

144 matches found

Openbugbounty
Openbugbounty
added 2020/09/12 12:42 a.m.9 views

ecm-spezialist.de Cross Site Scripting vulnerability OBB-1327637

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/08/18 12:0 a.m.28 views

openSUSE Security Update : hylafax+ (openSUSE-2020-1209)

This update for hylafax+ fixes the following issues : Hylafax was updated to upstream version 7.0.3. Security issues fixed : - CVE-2020-15396: Secure temporary directory creation for faxsetup, faxaddmodem, and probemodem boo1173521. - CVE-2020-15397: Sourcing of files into binaries from user...

7.8CVSS7.5AI score0.00538EPSS
Exploits2References4
NVD
NVD
added 2020/05/20 3:15 p.m.30 views

CVE-2020-13240

The DMS/ECM module in Dolibarr 11.0.4 allows users with the 'Setup documents directories' permission to rename uploaded files to have insecure file extensions. This bypasses the .noexe protection mechanism against XSS...

5.5CVSS5.3AI score0.00701EPSS
Exploits1References1
NVD
NVD
added 2020/05/20 3:15 p.m.25 views

CVE-2020-13239

The DMS/ECM module in Dolibarr 11.0.4 renders user-uploaded .html files in the browser when the attachment parameter is removed from the direct download link. This causes XSS...

5.4CVSS5.4AI score0.00698EPSS
Exploits1References1
OSV
OSV
added 2020/05/20 3:15 p.m.12 views

CVE-2020-13240

The DMS/ECM module in Dolibarr 11.0.4 allows users with the 'Setup documents directories' permission to rename uploaded files to have insecure file extensions. This bypasses the .noexe protection mechanism against XSS...

5.4CVSS6.7AI score0.00701EPSS
Exploits1References1
Prion
Prion
added 2020/05/20 3:15 p.m.19 views

Design/Logic Flaw

The DMS/ECM module in Dolibarr 11.0.4 allows users with the 'Setup documents directories' permission to rename uploaded files to have insecure file extensions. This bypasses the .noexe protection mechanism against XSS...

5.5CVSS5.3AI score0.00701EPSS
Exploits1References1Affected Software1
UbuntuCve
UbuntuCve
added 2020/05/20 3:15 p.m.19 views

CVE-2020-13240

The DMS/ECM module in Dolibarr 11.0.4 allows users with the 'Setup documents directories' permission to rename uploaded files to have insecure file extensions. This bypasses the .noexe protection mechanism against XSS...

5.5CVSS6.1AI score0.00701EPSS
Exploits1References2
Prion
Prion
added 2020/05/20 3:15 p.m.15 views

Cross site scripting

The DMS/ECM module in Dolibarr 11.0.4 renders user-uploaded .html files in the browser when the attachment parameter is removed from the direct download link. This causes XSS...

3.5CVSS5.4AI score0.00698EPSS
Exploits1References1Affected Software1
UbuntuCve
UbuntuCve
added 2020/05/20 3:15 p.m.19 views

CVE-2020-13239

The DMS/ECM module in Dolibarr 11.0.4 renders user-uploaded .html files in the browser when the attachment parameter is removed from the direct download link. This causes XSS...

5.4CVSS6.1AI score0.00698EPSS
Exploits1References2
OSV
OSV
added 2020/05/20 3:15 p.m.6 views

UBUNTU-CVE-2020-13240

The DMS/ECM module in Dolibarr 11.0.4 allows users with the 'Setup documents directories' permission to rename uploaded files to have insecure file extensions. This bypasses the .noexe protection mechanism against XSS...

5.4CVSS6.1AI score0.00701EPSS
Exploits1References3
Cvelist
Cvelist
added 2020/05/20 2:57 p.m.27 views

CVE-2020-13239

The DMS/ECM module in Dolibarr 11.0.4 renders user-uploaded .html files in the browser when the attachment parameter is removed from the direct download link. This causes XSS...

5.4AI score0.00698EPSS
Exploits1References1
CVE
CVE
added 2020/05/20 2:57 p.m.47 views

CVE-2020-13239

Dolibarr 11.0.4 DMS/ECM module vulnerability: rendering of user-uploaded .html files in the browser when the attachment parameter is removed from the direct download link enables stored XSS. Root cause is insufficient validation/handling of HTML attachments in Dolibarr’s DMS/ECM component. Report...

5.4CVSS5.3AI score0.00698EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2020/05/20 2:57 p.m.41 views

CVE-2020-13240

Dolibarr 11.0.4's DMS/ECM module is vulnerable: users with the 'Setup documents directories' permission can rename uploaded files to have insecure file extensions, bypassing the .noexe protection mechanism against XSS. This is a stored cross‑site scripting risk described across multiple sources (...

5.5CVSS5.3AI score0.00701EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/05/20 2:57 p.m.27 views

CVE-2020-13240

The DMS/ECM module in Dolibarr 11.0.4 allows users with the 'Setup documents directories' permission to rename uploaded files to have insecure file extensions. This bypasses the .noexe protection mechanism against XSS...

5.3AI score0.00701EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2020/05/20 12:0 a.m.6 views

PT-2020-13389 · Dolibarr · Dolibarr

Name of the Vulnerable Software and Affected Versions: Dolibarr version 11.0.4 Description: The issue concerns the DMS/ECM module, which renders user-uploaded .html files in the browser when the attachment parameter is removed from the direct download link, leading to a Cross-Site Scripting XSS...

5.4CVSS6.2AI score0.00698EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2019/05/08 12:0 a.m.10 views

Rockwell Automation E300 Overload Relay 193-ECM-ETR Motor Overload

Binary data 752367.prm...

7.3AI score
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2019/02/28 5:15 a.m.41 views

Security Bulletin: FileNet CMIS (FNCMIS) leveraging Spring Framework is vulnerable to a denial of service caused by improper handling of range request by the ResourceHttpRequestHandler

Summary FileNet Content Management Interoperability Services CMIS, which ships with IBM Content Navigator, is affected by the following vulnerability: Spring Framework’s improper handling of ResourceHttpRequestHandler could result in denial of service condition. Vulnerability Details CVE-ID:...

7.5CVSS0.6AI score0.09513EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/02/04 6:30 a.m.24 views

Security Bulletin: Enterprise Content Management System Monitor is affected by a vulnerability in IBM® SDK Java™ Technology Edition

Summary Enterprise Content Management System Monitor has addressed the following vulnerability in IBM® SDK Java™ Technology Edition. This issue was disclosed as part of the IBM® SDK Java™ Technology Edition Quarterly CPU - Oct 2018 - Includes Oracle Oct 2018 CPU. Vulnerability Details CVEID:...

6.8CVSS0.3AI score0.03392EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/11/16 10:50 a.m.28 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Enterprise Content Management System Monitor

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7 and 8 used by Enterprise Content Management System Monitor. Enterprise Content Management System Monitor has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2018-1656 DESCRIPTION:The IBM Java...

7.8CVSS1AI score0.04513EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 12:17 p.m.52 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Enterprise Content Management System Monitor

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version Java 6 and Java 7 used by Enterprise Content Management System Monitor. These issues were disclosed as part of the IBM Java SDK updates in October 2016. Vulnerability Details CVEID: CVE-2016-5573 DESCRIPTION:...

8.3CVSS0.8AI score0.03255EPSS
Exploits0Affected Software1
Rows per page
Query Builder