25 matches found
CVE-2020-9270
ICE Hrm 26.2.0 is vulnerable to CSRF that leads to password reset via service.php...
CVE-2020-9271
ICE Hrm 26.2.0 is vulnerable to CSRF that leads to user creation via service.php...
CVE-2020-9271
Ice Hrm 26.2.0 is affected by a Cross-Site Request Forgery (CSRF) vulnerability that can lead to user creation via service.php. The issue is documented across multiple sources (NVD, Red Hat, CNVD, OSV, etc.) with consistent description: unauthenticated CSRF could cause a legitimate user action to...
CVE-2014-3542
Moodle’s mod/lti/service.php in versions up to 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 is affected by an XML External Entity (XXE) issue. The vulnerability allows remote attackers to read arbitrary files via an XML entity declaration combined wi...
Unfixed XSS vulnerability at www.totalwellbeing.ie
Security researcher BackDoor, has submitted on 30/05/2008 a cross-site-scripting XSS vulnerability affecting www.totalwellbeing.ie, which at the time of submission ranked 3775740 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 06/06/2008. It is...