4 matches found
Faronics WINSelect Hardcoded Credentials / Bad Permissions / Unhashed Password
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Vulnerabilities allowing complete bypass product: Faronics WINSelect Standard + Enterprise vulnerable version: 8.30.xx.903 fixed version: 8.30.xx.903 CVE number:...
Progress Sitefinity 10.0 / 10.1 Broken Access Control / LINQ Injection
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Broken access control & LINQ injection product: Progress Sitefinity vulnerable version: 10.0, 10.1 fixed version: =10.1.6527.0 internal build, 10.2 CVE number: - impact:...
I, Librarian 4.6/4.7 - Command Injection / Server Side Request Forgery / Directory Enumeration / Cross-Site Scripting
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: I, Librarian PDF manager vulnerable version: =4.6 & 4.7 fixed version: 4.8 CVE number: - impact: Critical homepage:...
MyBB 1.8.10 Server-Side Request Forgery
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Server Side Request Forgery SSRF Vulnerability product: MyBB vulnerable version: 1.8.10 fixed version: 1.8.11 CVE number: CVE-2017-7566 impact: Medium homepage:...