20 matches found
CVE-2026-7782
A vulnerability was detected in CodeCanyon Perfex CRM up to 3.4.1. This affects the function Clients::project of the file application/controllers/Clients.php of the component Tenant Handler. The manipulation of the argument ID results in authorization bypass. The attack may be performed from...
CVE-2026-6614
TransformerOptimus SuperAGI
EUVD-2016-5846
Malware in sbrugna...
EUVD-2016-5853
Malware in sbrugna...
CVE-2025-58335
CVE-2025-58335 affects JetBrains Junie prior to multiple build lines (252.284.66, 251.284.66, 243.284.66, 252.284.61, 251.284.61, 243.284.61, 252.284.50, 252.284.54, 251.284.54, 251.284.50, 243.284.54, 243.284.50). The vulnerability is an information disclosure via the search_project function, wi...
PT-2025-35115
Name of the Vulnerable Software and Affected Versions JetBrains Junie versions 243.284.50 through 252.284.66 Description An information disclosure issue exists in the search project function. Recommendations Update JetBrains Junie to a version after 252.284.66...
CVE-2024-25503
Cross Site Scripting XSS vulnerability in Advanced REST Client v.17.0.9 allows a remote attacker to execute arbitrary code and obtain sensitive information via a crafted script to the edit details parameter of the New Project function...
CVE-2024-25503
Cross Site Scripting XSS vulnerability in Advanced REST Client v.17.0.9 allows a remote attacker to execute arbitrary code and obtain sensitive information via a crafted script to the edit details parameter of the New Project function...
CVE-2016-4866
Cross-site scripting vulnerability in Cybozu Office 9.0.0 to 10.4.0 allows attackers with administrator rights to inject arbitrary web script or HTML via the Project function...
CVE-2016-4873
Cybozu Office 9.0.0 to 10.4.0 allows remote authenticated attackers to execute unintended operations via the Project function...
Cross site scripting
Cross-site scripting vulnerability in Cybozu Office 9.0.0 to 10.4.0 allows attackers with administrator rights to inject arbitrary web script or HTML via the Project function...
CVE-2016-4867
Cybozu Office 9.0.0 to 10.4.0 allows remote authenticated attackers to bypass access restriction to view unauthorized project information via the Project function...
CVE-2016-4873
Cybozu Office 9.0.0 to 10.4.0 allows remote authenticated attackers to execute unintended operations via the Project function...
CVE-2016-4866
Cross-site scripting vulnerability in Cybozu Office 9.0.0 to 10.4.0 allows attackers with administrator rights to inject arbitrary web script or HTML via the Project function...
Code injection
Cybozu Office 9.0.0 to 10.4.0 allows remote authenticated attackers to execute unintended operations via the Project function...
CVE-2016-4866
Cross-site scripting vulnerability in Cybozu Office 9.0.0 to 10.4.0 allows attackers with administrator rights to inject arbitrary web script or HTML via the Project function...
CVE-2016-4873
Cybozu Office 9.0.0 to 10.4.0 allows remote authenticated attackers to execute unintended operations via the Project function...
"Project" function in Cybozu Office vulnerable vulnerable to operation restriction bypass
Overview Cybozu Office provided by Cybozu,Inc. contains an operation restriction bypass vulnerability in the "Project" function. Yuji Tounai reported this vulnerability to Cybozu, Inc., and Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/C...
"Project" function in Cybozu Office vulnerable vulnerable to access restriction bypass
Overview Cybozu Office provided by Cybozu,Inc. contains an access restriction bypass vulnerability in the "Project" function. Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Cybozu, Inc. coordinated under the Information Security...
"Project" function in Cybozu Office vulnerable to cross-site scripting
Overview Cybozu Office provided by Cybozu,Inc. contains a cross-site scripting vulnerability. Yuji Tounai reported this vulnerability to Cybozu, Inc., and Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Cybozu, Inc. coordinated unde...