5 matches found
Improper Domain Name Validation
com.liferay.portal, com.liferay.portal.impl is vulnerable to an improper domain name validation. The vulnerability is due to incorrect identification of the subdomain in domain names, which can lead to the creation of a supercookie, allowing an attacker controlling a website with the same top-lev...
EUVD-2018-18281
Malware in sbrugna...
Viki Solutions Viki Vera Cross-Site Scripting Vulnerability
Viki Solutions Viki Vera is a suite of workflow customization platforms from Canadian company Viki Solutions. The platform supports file uploading, job management, and other features. A security vulnerability exists in Viki Vera 4.9.1.26180, which can be exploited by an attacker to set a user's...
CVE-2018-6528
XSS vulnerability in htdocs/webinc/body/bscsmssend.php in D-Link DIR-868L DIR868LA1FW112b04 and previous versions, DIR-865L DIR-865LREVAFIRMWAREPATCH1.08.B01 and previous versions, and DIR-860L DIR860LA1FW110b04 and previous versions allows remote attackers to read a cookie via a crafted receiver...
Code injection
The Administration and Reporting Tool in IBM Rational License Key Server RLKS 8.1.4 before 8.1.4.7 allows remote authenticated users to read cookies via unspecified vectors...