5 matches found
PT-2024-32280 · Apache · Apache Roller
Name of the Vulnerable Software and Affected Versions: Apache Roller versions prior to 6.1.4 Description: A Cross-site Resource Forgery CSRF and privilege escalation vulnerability exists in Apache Roller. On multi-blog/user Roller websites, weblog owners are trusted to publish arbitrary weblog...
PT-2023-30784 · WordPress · Awesome Support
Name of the Vulnerable Software and Affected Versions: Awesome Support – WordPress HelpDesk & Support Plugin versions n/a through 6.1.4 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows Cross Site Request Forgery. Recommendations: For versions n/a through...
PT-2021-17161 · Hitachi Abb Power Grids · Esoms
Name of the Vulnerable Software and Affected Versions: Hitachi ABB Power Grids eSOMS versions prior to 6.0.4.2.2 Hitachi ABB Power Grids eSOMS versions prior to 6.1.4 Hitachi ABB Power Grids eSOMS versions prior to 6.3 Description: The issue allows an unauthorized user to gain access to report da...
PT-2019-8138 · Synology · Synology Diskstation Manager
Name of the Vulnerable Software and Affected Versions: Synology DiskStation Manager DSM versions prior to 6.1.4-15217-3 Description: A cross-site scripting XSS issue exists, allowing remote authenticated users to inject arbitrary web script or HTML. This is due to insufficient validation of user...
PT-2017-14150 · Apache · Apache Qpid Broker-J
Name of the Vulnerable Software and Affected Versions: Apache Qpid Broker-J versions 6.1.0 through 6.1.4 Description: The issue arises from the broker's failure to properly enforce a maximum frame size in AMQP 1.0 frames, allowing a remote unauthenticated attacker to cause the broker to exhaust a...