CVE-2025-53707

A reflected cross-site scripting xss vulnerability exists in the modifyTranscript functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability...

CVE-2025-68066 WordPress Soledad theme <= 8.7.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in PenciDesign Soledad soledad allows PHP Local File Inclusion.This issue affects Soledad: from n/a through = 8.7.0...

PT-2023-26037 · Unknown · Intergard Sgs

Name of the Vulnerable Software and Affected Versions: Intergard SGS version 8.7.0 Description: A vulnerability has been found in the Change Password Handler component, which can be exploited to cause a denial of service. The attack can be launched remotely. The vendor was contacted about this...

Intergard SGS 授权问题漏洞

Intergard SGS is a security appliance from Brazilian company Intergard. An authorization issue vulnerability exists in Intergard SGS version 8.7.0, which stems from the presence of unknown functionality in the application, resulting in a privilege issue...

CVE-2022-2870

creationtimestamp| type| source ---|---|--- 2022-08-17 22:40:30+00:00| seen| https://t.me/cibsecurity/48297...

Atlassian JIRA Server and Data Center Add Field Module Cross-Site Scripting Vulnerability

Atlassian JIRA Server and Atlassian JIRA Data Center are both products of Atlassian Australia.Atlassian JIRA Server is the server version of a defect tracking management system. The system is mainly used to track and manage all kinds of problems and defects in the workplace.Atlassian JIRA Data...

Zimbra Collaboration Server Cross-Site Scripting Vulnerability

Zimbra Collaboration Server ZCS is a suite of email and collaboration solutions from Zimbra, USA. The solution provides email, contacts, calendaring, file sharing, social networking, and more. A cross-site scripting vulnerability exists in the admin console in version 8.x of Zimbra ZCS prior to...

Multiple Unspecified Vulnerabilities in Zimbra Collaboration

Zimbra Collaboration is a suite of email and collaboration solutions from Zimbra USA. The solution offers email, contacts, calendaring, file sharing, social networking, and more. Multiple unspecified vulnerabilities exist in Zimbra Collaboration versions prior to 8.7.0 that allow remote attackers...

Unspecified vulnerability in Zimbra Collaboration (CNVD-2017-00887)

Zimbra Collaboration is a suite of email and collaboration solutions from Zimbra USA. The solution offers email, contacts, calendaring, file sharing, social networking, and more. Zimbra Collaboration has an unspecified vulnerability in versions prior to 8.7.0 that allows remote attackers to affec...

Multiple Cross-Site Scripting Vulnerabilities in Zimbra Collaboration

Zimbra can provide open source email server software and shared calendars. Multiple cross-site scripting vulnerabilities in versions prior to Zimbra Collaboration 8.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors also known as bugs 104552 and 104703...

Zimbra Collaboration suffers from multiple cross-site scripting vulnerabilities (CNVD-2017-00759)

Zimbra can provide open source email server software and shared calendars. Multiple cross-site scripting vulnerabilities exist in Zimbra Collaboration versions prior to 8.7.0. Allows remote attackers to inject arbitrary web script or HTML via unspecified vectors also known as errors...

CVE-2016-3402

Unspecified vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to affect confidentiality via unknown vectors, aka bug 99167...

CVE-2016-3411

Cross-site scripting XSS vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka bug 103609...

CVE-2016-3407

Multiple cross-site scripting XSS vulnerabilities in Zimbra Collaboration before 8.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka bugs 104222, 104910, 105071, and 105175...

BELL-CVE-2014-8709 CVE-2014-8709 does not affect BellSoft software

Bulletin has no description...