Lucene search
+L

11 matches found

nvd
nvd
added 2026/01/05 2:15 p.m.8 views

CVE-2025-12511

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Centreon Infra Monitoring DSM extenstio configuration modules allows Stored XSS to user with elevated privileges. This issue affects Infra Monitoring: from 25.10.0 before 25.10.1, from 24.10...

6.8CVSS0.00163EPSS
Exploits0References2
euvd
euvd
added 2026/01/05 2:5 p.m.8 views

EUVD-2026-0857

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Centreon Infra Monitoring DSM extenstio configuration modules allows Stored XSS to user with elevated privileges. This issue affects Infra Monitoring: from 25.10.0 before 25.10.1, from 24.10...

6.8CVSS5AI score0.00163EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/01/05 12:0 a.m.8 views

PT-2026-1287

Name of the Vulnerable Software and Affected Versions Centreon Infra Monitoring versions 25.10.0 through 25.10.0 Centreon Infra Monitoring versions 24.10.0 through 24.10.3 Centreon Infra Monitoring versions 24.04.0 through 24.04.7 Description The software contains an Improper Neutralization of...

6.8CVSS5.3AI score0.00163EPSS
Exploits0References4
redhatcve
redhatcve
added 2025/10/15 7:38 p.m.12 views

CVE-2025-61675

FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. In versions prior to 16.0.92 for FreePBX 16 and versions prior to 17.0.6 for FreePBX 17, the Endpoint Manager module contains authenticated SQL injection vulnerabilities affecting multiple parameters in the...

8.6CVSS8.3AI score0.3896EPSS
Exploits6References1
vulnrichment
vulnrichment
added 2025/10/14 7:30 p.m.3 views

CVE-2025-61675 FreePBX Endpoint Manager vulnerable to authenticated SQL injection in multiple configuration parameters

FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. In versions prior to 16.0.92 for FreePBX 16 and versions prior to 17.0.6 for FreePBX 17, the Endpoint Manager module contains authenticated SQL injection vulnerabilities affecting multiple parameters in the...

8.6CVSS7.9AI score0.3896EPSS
Exploits6References1
attackerkb
attackerkb
added 2025/10/14 7:30 p.m.4 views

CVE-2025-61675

FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. In versions prior to 16.0.92 for FreePBX 16 and versions prior to 17.0.6 for FreePBX 17, the Endpoint Manager module contains authenticated SQL injection vulnerabilities affecting multiple parameters in the...

8.6CVSS6.1AI score0.3896EPSS
Exploits6References4Affected Software1
euvd
euvd
added 2025/10/14 7:30 p.m.35 views

EUVD-2025-34454

FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. In versions prior to 16.0.92 for FreePBX 16 and versions prior to 17.0.6 for FreePBX 17, the Endpoint Manager module contains authenticated SQL injection vulnerabilities affecting multiple parameters in the...

8.6CVSS7.8AI score0.3896EPSS
Exploits6References1
github
github
added 2024/06/03 4:46 p.m.28 views

TYPO3 SQL Injection in dbal

A flaw in the database escaping API results in a SQL injection vulnerability when extension dbal is enabled and configured for MySQL passthrough mode in its extension configuration. All queries which use the DatabaseConnection::sqlquery are vulnerable, even if arguments were properly escaped with...

8AI score
Exploits0References3Affected Software1
f5
f5
added 2023/02/21 8:2 p.m.47 views

K75532331: iRulesLX debug NodeJS vulnerability CVE-2019-6644

Security Advisory Description Similar to the issue identified in CVE-2018-12120, the BIG-IP system will bind a debug nodejs process to all interfaces when invoked. This may expose the process to unauthorized users if the plugin is left in debug mode and the port is accessible. CVE-2019-6644 Impac...

9.4CVSS8.1AI score0.01404EPSS
Exploits0Affected Software13
packetstorm
packetstorm
added 2018/07/13 12:0 a.m.38 views

OpenConext-EngineBlock 5.7.3 Cross Site Scripting

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 XSS vulnerabilities were found in multiple pages that allows an attacker to inject arbitrary web scripts. The Twig PHP extension configuration was not sanitizing user input before display it to the user. Issues fixed in version 5.7.4 and 5.8.0. Git...

6.4AI score0.0084EPSS
Exploits2
nessus
nessus
added 2013/11/12 12:0 a.m.28 views

Fedora 20 : ReviewBoard-1.7.17-1.fc20 / python-djblets-0.7.23-1.fc20 (2013-20749)

New upstream security release 1.7.17 - http://www.reviewboard.org/docs/releasenotes/reviewboa rd/1.7.17/ - Resolves: CVE-2013-4519 - Security Fixes : - Fixed XSS vulnerabilities for the 'Branch' field and uploaded file captions. - Added a 'X-Frame-Options' header to prevent clickjacking. - New...

4.3CVSS5.5AI score0.02015EPSS
Exploits0References5
Rows per page
Query Builder