18 matches found
Enalean Tuleap Injection Vulnerability
Enalean Tuleap is a set of open source software development and project management tools from the French company Enalean. The tool provides enterprise application lifecycle management, as well as project tracking, source code management, and team collaboration. Enalean Tuleap suffers from an...
JetBrains YouTrack Project Information Disclosure Vulnerability
YouTrack is a keyboard-based issue and project tracking tool from the Czech company JetBrains, primarily used for tracking tasks and defect correction arrangements during development. A project information disclosure vulnerability exists in versions of JetBrains YouTrack prior to 2020.6.1099. No...
DALIM SOFTWARE ES Core 5.0 build 7184.1 - Directory Traversal
DALIM SOFTWARE ES Core 5.0 build 7184.1 Multiple Remote File Disclosures Vendor: Dalim Software GmbH Product web page: https://www.dalim.com Affected version: ES/ESPRiT 5.0 build 7184.1 build 7163.2 build 7163.0 build 7135.0 build 7114.1 build 7114.0 build 7093.1 build 7093.0 build 7072.0 build...
Traq authenticate function remote code execution
Added: 12/27/2011 BID: 50961 OSVDB: 77556 Background Traq is a PHP5+ and MySQL4+ based Project Tracking system with the ability to host multiple projects. Problem The flaw is caused due to admin rights not properly being restricted in the "authenticate" function in admincp/common.php. This can be...
Issue key can be enumerated - Resolve Issue Feature
Security auditing tests performed on a locally running instance of Jira Bug Issue and Project Tracking Software showed that the application is susceptible to horizontal privilege elevation attacks within the Resolve Issue feature, accessible through the given address:...
Cross Site Request Forgery - Deleting User's Dashboards
Security auditing tests performed on a locally running instance of Jira Bug Issue and Project Tracking Software showed that the application is susceptible to Cross-Site Request Forgery attacks within this URL:...
Cross-Site Request Forgery
Security auditing tests performed on a locally running instance of Jira Bug Issue and Project Tracking Software showed that the application is susceptible to Cross-Site Request Forgery attacks within this URL: /jira/plugins/servlet/streamscomments This vulnerability enables...
User Enumeration
Security auditing tests performed on a locally running instance of Jira Bug Issue and Project Tracking Software showed that at least two vulnerabilities regarding User Enumeration were found within the software. Case 1: Logged In. Whenever a logged-in user accesses the URL...
Mainely Newspaper CMS Persistent XSS Vulnerability
Exploit for PHP platform in category web applications. Mainely Newspaper CMS Persistent XSS Vulnerability...
CVE-2007-0505
Unrestricted file upload vulnerability in the Project issue tracking 4.7.0 through 5.x before 20070123, a module for Drupal, allows remote authenticated users to execute arbitrary code by attaching a file with executable or multiple extensions to a project issue...