Cisco Unified Communications Manager Information Disclosure Vulnerability (CNVD-2018-05178)

Cisco Unified Communications Manager CUCM, Unified CM, CallManager is a call-processing component of a unified communications system from Cisco. The component provides a scalable, distributable and highly available enterprise IP telephony call processing solution. An information disclosure...

FBI Warns Of Spike In W-2 Phishing Campaigns

The Federal Bureau of Investigation is warning businesses about a spike in phishing campaigns requesting W-2 information from payroll personnel. In a recent security advisory the FBI warned it has seen an increase since January in reports of compromised or spoofed emails involving W-2 forms. Thes...

Adobe Acrobat Pro DC PDF Forms Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Adobe Reader DC XFA dashDot Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

WordPress Ninja Forms plugin <=3.2.13 - Cross-Site Scripting (XSS) vulnerability

Cross-Site Scripting XSS vulnerability found by Kasper Karlsson in WordPress Ninja Forms plugin versions = 3.2.13. Solution Update the WordPress Ninja Forms plugin to the latest available version at least 3.2.14...

WordPress Ninja Forms Plugin < 3.3.19.1 Open Redirect Vulnerability

The WordPress plugin Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...

WordPress Ninja Forms Plugin < 3.2.14 XSS Vulnerability

The WordPress plugin Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...

CVE-2018-7280

The Ninja Forms plugin before 3.2.14 for WordPress has XSS...

CVE-2018-7280

The Ninja Forms plugin before 3.2.14 for WordPress has XSS...

CVE-2016-0369

XML external entity XXE vulnerability in IBM Forms Experience Builder 8.5, 8.5.1, and 8.6 allows remote authenticated users to obtain sensitive information via crafted XML data. IBM X-Force ID: 112088...

Cross site scripting

The Ninja Forms plugin before 3.2.14 for WordPress has XSS...

Xxe

XML external entity XXE vulnerability in IBM Forms Experience Builder 8.5, 8.5.1, and 8.6 allows remote authenticated users to obtain sensitive information via crafted XML data. IBM X-Force ID: 112088...

CVE-2016-0369

XML external entity XXE vulnerability in IBM Forms Experience Builder 8.5, 8.5.1, and 8.6 allows remote authenticated users to obtain sensitive information via crafted XML data. IBM X-Force ID: 112088...

CVE-2018-7280

CVE-2018-7280 affects the WordPress Ninja Forms plugin prior to 3.2.14 (i.e., versions

CVE-2016-0369

IBM Forms Experience Builder versions 8.5, 8.5.1 and 8.6 are affected by an XML External Entity (XXE) processing vulnerability. The root cause is XXE when processing XML data, which could allow a remote authenticated attacker to obtain sensitive information. The CVSS v3 base score is 2.7 (LOW). R...

CVE-2016-0369

XML external entity XXE vulnerability in IBM Forms Experience Builder 8.5, 8.5.1, and 8.6 allows remote authenticated users to obtain sensitive information via crafted XML data. IBM X-Force ID: 112088...

CVE-2018-7280

The Ninja Forms plugin before 3.2.14 for WordPress has XSS...

Ninja Forms <= 3.2.13 - Cross-Site Scripting (XSS)

The Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress WordPress plugin was affected by a Cross-Site Scripting XSS security vulnerability...

CVE-2016-10007

SQL injection vulnerability in the "Marketing Forms" screen in dotCMS before 3.7.2 and 4.x before 4.1.1 allows remote authenticated administrators to execute arbitrary SQL commands via the EXTFORMHANDLERorderBy parameter...

Sql injection

SQL injection vulnerability in the "Marketing Forms" screen in dotCMS before 3.7.2 and 4.x before 4.1.1 allows remote authenticated administrators to execute arbitrary SQL commands via the EXTFORMHANDLERorderBy parameter...