8 matches found
EUVD-2019-6497
Malware in sbrugna...
Observium cross-site scripting vulnerability (CNVD-2020-54787)
Observium is a low-maintenance auto-discovery network monitoring platform that supports multiple device types, platforms and operating systems. Observium suffers from a cross-site scripting vulnerability. The vulnerability can be exploited by an attacker to inject and store malicious JavaScript...
CVE-2020-25131
An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to Cross-Site Scripting XSS due to the fact that it is possible to inject and store malicious JavaScript code within it. This can occur via the rolename or roledescr parameter to the roles/ URI...
CVE-2019-15510
ManageEngineDesktopCentral.exe in Zoho ManageEngine Desktop Central 10 allows HTML injection on the user administration page via the description of a role...
CVE-2019-15510
ManageEngineDesktopCentral.exe in Zoho ManageEngine Desktop Central 10 allows HTML injection on the user administration page via the description of a role...
PT-2020-9704 · Zoho · Zoho Manageengine Desktop Central
Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine Desktop Central version 10 Description: The issue allows HTML injection on the user administration page via the description of a role. This is achieved by exploiting the description variable in the role creation process. The...
springboot_authority cross-site scripting vulnerability
springbootauthority is a backend management system. The system includes modules for user management, role management, and resource connection management. A cross-site scripting vulnerability exists in the admin/role/edit page in springbootauthority 2017-03-06 and earlier versions, which can be...
CVE-2007-2703
BEA WebLogic Portal 9.2 GA can corrupt a visitor entitlements role if an administrator provides a long role description, which might allow remote authenticated users to access privileged resources...