12 matches found
org.webjars.npm:directory-encoder (=0.9.2), org.webjars.npm:engine-handlebars (=0.8.2) +6 more potentially affected by CVE-2026-33939 via org.webjars.npm:handlebars (>=4.0.14 <=4.7.8)
org.webjars.npm:handlebars MAVEN version =4.0.14, =1.5.0, =2.0.0, =2.0.0, =2.1.0, =2.1.1 Source cves: CVE-2026-33939 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15807043...
CVE-2026-0499
SAP NetWeaver Enterprise Portal allows an unauthenticated attacker to inject malicious scripts into a URL parameter. The scripts are reflected in the server response and executed in a user's browser when the crafted URL is visited, leading to theft of session information, manipulation of portal...
CVE-2026-0499
SAP NetWeaver Enterprise Portal allows an unauthenticated attacker to inject malicious scripts into a URL parameter. The scripts are reflected in the server response and executed in a user's browser when the crafted URL is visited, leading to theft of session information, manipulation of portal...
CVE-2014-8304
Cross-site scripting XSS vulnerability in In-Portal CMS 5.2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the nexttemplate parameter to admin/index.php...
de.eonas.portal.demo:content (=0.1), de.eonas.portal.demo:templates (=0.1) +107 more potentially affected by CVE-2024-42699 via org.opencms:opencms-core (>=8.0.1 <=9.5.3)
org.opencms:opencms-core MAVEN version =8.0.1, =8.5.1.1, =8.5.1.1, =8.0.1, =8.0.1, =8.0.4, =8.5.0, =8.0.1, =8.0.1, =8.0.1, =8.0.1, =8.0.1, =8.5.0, =8.5.2 and more Source cves: CVE-2024-42699 Source advisory: SNYK:JAVA-ORGOPENCMS-9802334...
CVE-2022-35224
SAP Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability. This attack can be used to non-permanently deface or modify portal content. The execution of script content by a...
Null pointer dereference
A NULL Pointer Dereference vulnerability in the Captive Portal Content Delivery CPCD services daemon cpcd of Juniper Networks Junos OS on MX Series with MS-PIC, MS-SPC3, MS-MIC or MS-MPC allows an attacker to send malformed HTTP packets to the device thereby causing a Denial of Service DoS,...
CVE-2021-0251 Junos OS: MX Series with MS-PIC, MS-SPC3, MS-MIC or MS-MPC: The BRAS Subscriber Services service activation portal is vulnerable to a Denial of Service (DoS) via malformed HTTP packets
A NULL Pointer Dereference vulnerability in the Captive Portal Content Delivery CPCD services daemon cpcd of Juniper Networks Junos OS on MX Series with MS-PIC, MS-SPC3, MS-MIC or MS-MPC allows an attacker to send malformed HTTP packets to the device thereby causing a Denial of Service DoS,...
CVE-2020-15539
SQL injection can occur in We-com Municipality portal CMS 2.1.x via the cerca/ keywords field...
Arbitrary File Read Vulnerability in ctcms
Chong Sheng Network Technology has developed Cscms Portal Content Management System, Ctcms Network Video Education Management System, Aggregate Payment, and a Multi-Merchant Entry Card Issuing Platform Management System. ctcms has an arbitrary file read vulnerability, an attacker can exploit the...
SAP NetWeaver AS JAVA - XXE vulnerability in BC-BMT-BPM-DSK component (CVE-2016-9563)
Application: SAP NetWeaver AS JAVA Versions Affected: SAP NetWeaver AS JAVA 7.5 Vendor URL: SAP Bugs: XXE Reported: 09.03.2016 Vendor response: 10.03.2016 Date of Public Advisory: 09.08.2016 Reference: SAP Security Note 2296909 Author: Vahagn Vardanyan ERPScan VULNERABILITY INFORMATION Class: XXE...
海天OA /VO_EmailCaoGao.asp /portal/content/content_1.asp 两处POST类型的sql注入
No description provided by source...