KeeWeb v1.14.0 - (Notes) Html Inject Web Vulnerability

Document Title: =============== KeeWeb v1.14.0 - Notes Html Inject Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2237 Release Date: ============= 2020-05-05 Vulnerability Laboratory ID VL-ID: ==================================== 2237...

Skype v8.x - History Export v7 Web Vulnerability

Document Title: =============== Skype v8.x - History Export v7 Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2187 Vulnerability Magazine: https://www.vulnerability-db.com/?q=articles/2019/08/11/skype MSRC: VULN-007910 Release Date:...

Skype v8.x - History Export v7 Web Vulnerability

Document Title: =============== Skype v8.x - History Export v7 Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2187 Vulnerability Magazine: https://www.vulnerability-db.com/?q=articles/2019/08/11/skype MSRC: VULN-007910 Release Date:...

CVE-2018-1355

An open redirect vulnerability in Fortinet FortiManager 6.0.0, 5.6.5 and below versions, FortiAnalyzer 6.0.0, 5.6.5 and below versions allows attacker to inject script code during converting a HTML table to a PDF document under the FortiView feature. An attacker may be able to social engineer an...

CVE-2018-1355

CVE-2018-1355 is an open-redirect vulnerability in Fortinet FortiManager/FortiAnalyzer (affected: FortiManager 6.0.0 and earlier; FortiAnalyzer 6.0.0 and earlier) exploited via FortiView HTML-table-to-PDF conversion. It allows an attacker to inject script URLs into a generated PDF, potentially vi...

GhostMail - (Status Message) Persistent Web Vulnerability

Document Title: =============== GhostMail - Status Message Persistent Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1470 Release Date: ============= 2018-06-27 Vulnerability Laboratory ID VL-ID: ==================================== 14...

GhostMail - (Status Message) Persistent Web Vulnerability

Document Title: =============== GhostMail - Status Message Persistent Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1470 Release Date: ============= 2018-06-26 Vulnerability Laboratory ID VL-ID: ==================================== 14...

CVE-2016-6854

An issue was discovered in Open-Xchange OX Guard before 2.4.2-rev5. Script code which got injected to a mail with inline PGP signature gets executed when verifying the signature. Malicious script code can be executed within a user's context. This can lead to session hijacking or triggering unwant...

CVE-2016-6853

An issue was discovered in Open-Xchange OX Guard before 2.4.2-rev5. Script code and references to external websites can be injected to the names of PGP public keys. When requesting that key later on using a specific URL, such script code might get executed. In case of injecting external websites,...

CVE-2016-6843

An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. Script code can be injected to contact names. When adding those contacts to a group, the script code gets executed in the context of the user which creates or changes the group by using autocomplete. In most cases this is a...

Open redirect

An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. Script code can be injected to contact names. When adding those contacts to a group, the script code gets executed in the context of the user which creates or changes the group by using autocomplete. In most cases this is a...

CVE-2016-6854

An issue was discovered in Open-Xchange OX Guard before 2.4.2-rev5. Script code which got injected to a mail with inline PGP signature gets executed when verifying the signature. Malicious script code can be executed within a user's context. This can lead to session hijacking or triggering unwant...

CVE-2016-6843

An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. Script code can be injected to contact names. When adding those contacts to a group, the script code gets executed in the context of the user which creates or changes the group by using autocomplete. In most cases this is a...

Firefox < 39.0.3 PDF Reader Arbitrary File Access (Mac OS X)

The version of Firefox installed on the remote Mac OS X host is prior to 39.0.3. It is, therefore, affected by a vulnerability in the same origin policy in which an attacker can inject script code into a non-privileged part of browser's built-in PDF reader, resulting in gaining access to sensitiv...

ManageEngine SupportCenter Plus Multiple Vulnerabilities (Jun 2015)

ManageEngine SupportCenter Plus is prone to multiple vulnerabilities. Copyright C 2015 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

Eisbär SCADA (All Versions) - Persistent UI Vulnerability

Document Title: =============== Eisbär SCADA All Versions - Persistent UI Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1456 Release Date: ============= 2015-05-19 Vulnerability Laboratory ID VL-ID: ==================================== 14...

SPSControl v1.2 iOS - (.spc) Persistent Vulnerability

Document Title: =============== SPSControl v1.2 iOS - .spc Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1404 Release Date: ============= 2015-01-16 Vulnerability Laboratory ID VL-ID: ==================================== 1404...

Folder Plus 2.5.1 iOS - Persistent XSS Vulnerability

No description provided by source. Document Title: =============== Folder Plus v2.5.1 iOS - Persistent Item Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1348 Release Date: ============= 2014-10-24 Vulnerability Laboratory ID VL-ID:...

ChatSecure IM v2.2.4 iOS - Persistent Web Vulnerability

Document Title: =============== ChatSecure IM v2.2.4 iOS - Persistent Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1317 Release Date: ============= 2014-09-10 Vulnerability Laboratory ID VL-ID: ==================================== 13...

Easy FTP Pro 4.2 iOS - Script Code Inject Vulnerabilities

Document Title: =============== Easy FTP Pro 4.2 iOS - Script Code Inject Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1291 Release Date: ============= 2014-08-06 Vulnerability Laboratory ID VL-ID: ====================================...