HJSoft HCM Human Resources Management System 注入漏洞

HJSoft HCM Human Resources Management System is a human resources management software developed by individual developers of China Hongjing HJSoft. A SQL injection vulnerability exists in HJSoft HCM Human Resources Management System 20250822 and earlier versions, which originates from the file...

CVE-2021-37417

Zoho ManageEngine ADSelfService Plus version 6103 and prior allows CAPTCHA bypass due to improper parameter validation...

Citrix Workspace App for Windows - Blank window and no authentication prompt

Citrix Workspace App for Windows SelfService does not display authentication prompt. It stays with a blank screen. End user can browse the store URL, login and launch apps/desktops successfully...

MAL-2024-950 Malicious code in diil-selfservice-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware be3632254a6cd21edaffb63ace342ea00667ca30b7c8f9d01f929d76932adfb9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in diil-selfservice-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware be3632254a6cd21edaffb63ace342ea00667ca30b7c8f9d01f929d76932adfb9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

ZOHO ManageEngine ADSelfService Plus 访问控制错误漏洞

ZOHO ManageEngine ADSelfService Plus is ZOHO's integrated self-service password management and single sign-on solution for Active Directory and cloud applications. An access control error vulnerability exists in ZOHO ManageEngine ADSelfService Plus version 6113 and prior versions, which stems fro...

CISA Alert: Top 15 Routinely Exploited Vulnerabilities

The U.S. Cybersecurity & Infrastructure Security Agency has published its report on the top exploited vulnerabilities of 2021. This blog summarizes the report’s findings and how you can use Qualys VMDR to automatically detect and remediate these risks in your enterprise environment. The...

Silent Command Line Upgrades of Workspace App without SelfService Fail Abruptly

Scenario: a command line installation of Workspace App where the/Silent parameter is used will simply stop within 30 seconds. This might occur during installations from the command line or through some management platform for example: SCCM, or BigFix or even Windows Active-Directory Group Policy...

Zoho ManageEngine ADManager Plus, ADSelfService Plus and DesktopCentral Permission License and Access Control Issues Vulnerabilities

ZOHO ManageEngine ADSelfService Plus and others are products of ZOHO Corporation.ZOHO ManageEngine ADSelfService Plus is a Web-based end-user password management software.ZOHO ManageEngine ADManager ZOHO ManageEngine ADManager Plus is a set of Microsoft Active Directory management software design...

app.secure.griffith.edu.au XSS vulnerability

Open Bug Bounty ID: OBB-555935 Description| Value ---|--- Affected Website:| app.secure.griffith.edu.au Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Freeside SelfService CGI/API 2.3.3 - Multiple Vulnerabilities

No description provided by source. Title: ====== Freeside SelfService CGI|API 2.3.3 - Multiple Vulnerabilities Date: ===== 2012-06-14 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=614 VL-ID: ===== 614 Common Vulnerability Scoring System:...

Cross site scripting

Cross-site scripting XSS vulnerability in AlgoSec FireFlow 6.3-b230 allows remote attackers to inject arbitrary web script or HTML via a user signature to SelfService/Prefs.html...

CVE-2014-4164

Cross-site scripting XSS vulnerability in AlgoSec FireFlow 6.3-b230 allows remote attackers to inject arbitrary web script or HTML via a user signature to SelfService/Prefs.html...

Freeside SelfService CGI|API 2.3.3 - Multiple Vulnerabilities

Title: ====== Freeside SelfService CGI|API 2.3.3 - Multiple Vulnerabilities Date: ===== 2012-06-14 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=614 VL-ID: ===== 614 Common Vulnerability Scoring System: ==================================== 6.5 Introduction:...

Freeside SelfService CGIAPI 2.3.3 - Multiple Vulnerabilities

Freeside SelfService CGIAPI 2.3.3 - Multiple Vulnerabilities Title: ====== Freeside SelfService CGI|API 2.3.3 - Multiple Vulnerabilities Date: ===== 2012-06-14 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=614 VL-ID: ===== 614 Common Vulnerability Scoring System:...

Freeside SelfService CGI/API 2.3.3 - Multiple Vulnerabilities

Title: ====== Freeside SelfService CGI|API 2.3.3 - Multiple Vulnerabilities Date: ===== 2012-06-14 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=614 VL-ID: ===== 614 Common Vulnerability Scoring System: ==================================== 6.5 Introduction:...

Freeside SelfService CGI|API 2.3.3 Cross Site Scripting / SQL Injection

Title: ====== Freeside SelfService CGI|API 2.3.3 - Multiple Vulnerabilities Date: ===== 2012-06-14 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=614 VL-ID: ===== 614 Common Vulnerability Scoring System: ==================================== 6.5 Introduction:...

Freeside SelfService CGI|API 2.3.3 - Multiple Vulnerabilities

Exploit for php platform in category web applications Title: ====== Freeside SelfService CGI|API 2.3.3 - Multiple Vulnerabilities Common Vulnerability Scoring System: ==================================== 6.5 Introduction: ============= Billing, ticketing, reporting and configuration for employees...

Freeside SelfService CGI|API 2.3.3 - Multiple Vulnerabilities

Document Title: =============== Freeside SelfService CGI|API 2.3.3 - Multiple Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=614 Release Date: ============= 2012-06-13 Vulnerability Laboratory ID VL-ID: ==================================...

Freeside SelfService CGI|API 2.3.3 - Multiple Vulnerabilities

Document Title: =============== Freeside SelfService CGI|API 2.3.3 - Multiple Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=614 Release Date: ============= 2012-06-13 Vulnerability Laboratory ID VL-ID: ==================================...