7654 matches found
Intel Releases Security Updates
Intel has released security updates to address vulnerabilities in multiple products. An authenticated attacker with local access could exploit some of these vulnerabilities to gain escalation of privileges. The Cybersecurity and Infrastructure Security Agency CISA encourages users and...
CVE-2020-10247
MISP 2.4.122 has Persistent XSS in the sighting popover tool. This is related to app/View/Elements/Events/View/sightingfield.ctp...
CVE-2020-10247
MISP 2.4.122 has Persistent XSS in the sighting popover tool. This is related to app/View/Elements/Events/View/sightingfield.ctp...
Design/Logic Flaw
MISP 2.4.122 has Persistent XSS in the sighting popover tool. This is related to app/View/Elements/Events/View/sightingfield.ctp...
CVE-2020-10247
MISP 2.4.122 has Persistent XSS in the sighting popover tool. This is related to app/View/Elements/Events/View/sightingfield.ctp...
CVE-2020-10247
Vulnerability: CVE-2020-10247 affects MISP 2.4.122, where a Persistent XSS exists in the sighting popover tool (file app/View/Elements/Events/View/sighting_field.ctp). Impact: can store/trigger XSS in user-visible popovers. Root cause: persistent cross-site scripting in the sighting_field.ctp com...
PT-2020-12003 · Misp · Misp
Name of the Vulnerable Software and Affected Versions: MISP version 2.4.122 Description: The issue is related to a Persistent XSS in the sighting popover tool, specifically in the app/View/Elements/Events/View/sighting field.ctp file. Recommendations: For MISP version 2.4.122, consider disabling...
Intel Optane DC Persistent Memory Module Management Software - Lenovo Support US
Lenovo Security Advisory: LEN-30556 Potential Impact: Escalation of privilege Severity: Medium Scope of Impact: Industry-wide CVE Identifier: CVE-2020-0546 Summary Description: Intel reported potential security vulnerabilities in Intel Optane DC Persistent Memory Module Management Software which...
Intel Optane DC Persistent Memory Module Management Software - Lenovo Support US
No description provided...
Alfresco 5.2.4 - Persistent Cross-Site Scripting
Alfresco 5.2.4 - Persistent Cross-Site Scripting Exploit Title: Alfresco 5.2.4 - Persistent Cross-Site Scripting Date: 2020-03-02 Exploit Author: Romain LOISEL & Alexandre ZANNI https://pwn.by/noraj - Pentesters from Orange Cyberdefense France Vendor Homepage: https://www.alfresco.com/ Software...
Alfresco 5.2.4 - Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Alfresco 5.2.4 - Persistent Cross-Site Scripting Exploit Author: Romain LOISEL & Alexandre ZANNI https://pwn.by/noraj - Pentesters from Orange Cyberdefense France Vendor Homepage: https://www.alfresco.com/ Software Link:...
Alfresco 5.2.4 - Persistent Cross-Site Scripting
Exploit Title: Alfresco 5.2.4 - Persistent Cross-Site Scripting Date: 2020-03-02 Exploit Author: Romain LOISEL & Alexandre ZANNI https://pwn.by/noraj - Pentesters from Orange Cyberdefense France Vendor Homepage: https://www.alfresco.com/ Software Link: https://www.alfresco.com/ecm-software Versio...
CVE-2020-9019
The WPJobBoard plugin 5.5.3 for WordPress allows Persistent XSS via the Add Job form, as demonstrated by title and Description...
CVE-2020-9019
The WPJobBoard plugin 5.5.3 for WordPress allows Persistent XSS via the Add Job form, as demonstrated by title and Description...
Design/Logic Flaw
The WPJobBoard plugin 5.5.3 for WordPress allows Persistent XSS via the Add Job form, as demonstrated by title and Description...
CVE-2020-9019
The WPJobBoard plugin 5.5.3 for WordPress allows Persistent XSS via the Add Job form, as demonstrated by title and Description...
CVE-2020-9019
CVE-2020-9019 concerns the WordPress WPJobBoard plugin version 5.5.3, which permits a persistent cross-site scripting (XSS) attack through the Add Job form in the frontend. The vulnerability targets fields like Title and Description, allowing injected script payloads to persist and potentially ex...
DotNetNuke 9.5 - Persistent Cross-Site Scripting
DotNetNuke 9.5 - Persistent Cross-Site Scripting Exploit Title: DotNetNuke 9.5 - Persistent Cross-Site Scripting Date: 2020-02-23 Exploit Author: Sajjad Pourali Vendor Homepage: http://dnnsoftware.com/ Software Link:...
DotNetNuke 9.5 - Persistent Cross-Site Scripting
Exploit Title: DotNetNuke 9.5 - Persistent Cross-Site Scripting Date: 2020-02-23 Exploit Author: Sajjad Pourali Vendor Homepage: http://dnnsoftware.com/ Software Link: https://github.com/dnnsoftware/Dnn.Platform/releases/download/v9.5.0/DNNPlatform9.5.0Install.zip Version: . For instance, uploadi...
Default credentials
D-Link DSR-250N devices before 1.08B31 allow remote authenticated users to obtain "persistent root access" via the BusyBox CLI, as demonstrated by overwriting the super user password...