120 matches found
CVE-2020-17385
Cellopoint CelloOS v4.1.10 Build 20190922 does not validate URL inputted properly, which allows unauthorized user to launch Path Traversal attack and access arbitrate file on the system...
CVE-2020-17386
Cellopoint CelloOS v4.1.10 Build 20190922 does not validate URL inputted properly. With cookie of an authenticated user, attackers can temper with the URL parameter and access arbitrary file on system...
Path traversal
Cellopoint Cellos v4.1.10 Build 20190922 does not validate URL inputted properly, which allows unauthorized user to launch Path Traversal attack and access arbitrate file on the system...
Information disclosure
Cellopoint Cellos v4.1.10 Build 20190922 does not validate URL inputted properly. With the cookie of the system administrator, attackers can inject and remotely execute arbitrary command to manipulate the system...
PT-2020-14936 · Cellopoint · Cellopoint Cellos
Name of the Vulnerable Software and Affected Versions: Cellopoint Cellos version 4.1.10 Build 20190922 Description: The issue allows unauthorized users to launch a Path Traversal attack due to improper validation of URL input, enabling access to arbitrary files on the system. Recommendations: For...
PT-2020-14937 · Cellopoint · Cellopoint Cellos
Name of the Vulnerable Software and Affected Versions: Cellopoint Cellos version 4.1.10 Build 20190922 Description: The issue concerns improper validation of URL input. An attacker can manipulate the URL parameter using the cookie of an authenticated user to access arbitrary files on the system...
PT-2020-14935 · Cellopoint · Cellopoint Cellos
Name of the Vulnerable Software and Affected Versions: Cellopoint Cellos version 4.1.10 Build 20190922 Description: The issue arises from improper validation of URL input. An attacker can exploit this by injecting and remotely executing arbitrary commands to manipulate the system, provided they...
CVE-2020-7008
CVE-2020-7008 affects VISAM VBASE Editor 11.5.0.2 and VBASE Web-Remote Module. A path traversal vulnerability lets an attacker supply unverified URL input to read arbitrary local files. Red Hat and CVE records confirm the issue and ICS/CISA advisories reference the same affected products. Mitigat...
CVE-2019-16985
In FusionPBX up to v4.5.7, the file app\xmlcdr\xmlcdrdelete.php uses an unsanitized "rec" variable coming from the URL, which is base64 decoded and allows deletion of any file of the system...
GitLab: Stored XSS for Grafana dashboard URL
Hi GitLab Security Team Summary I found a stored XSS vulnerability in the admins page. The administrator can set up a Grafana dashboard. Here, the administrator can either enter a relative URL or an absolute address. However, when adding an absolute URL, the protocol is not checked allowing to ad...
CVE-2019-0337
Java Proxy Runtime of SAP NetWeaver Process Integration, versions 7.10, 7.11, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs and allows an attacker to execute malicious scripts in the url thereby resulting in Reflected Cross-Site Scripting XSS vulnerability...
DEBIAN-CVE-2019-7329
Reflected Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, as the form action on multiple views utilizes $SERVER'PHPSELF' insecurely, mishandling any arbitrary input appended to the webroot URL, without any proper filtration, leading to XSS...
WordPress Multiple Vulnerabilities (Dec 2018) - Linux
WordPress is prone to multiple vulnerabilities. Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Directory traversal
Structured Data Linter versions 2.4.1 and older are vulnerable to a directory traversal attack in the URL input field resulting in the possibility of disclosing information about the remote host...
CVE-2017-1000448
Structured Data Linter versions 2.4.1 and older are vulnerable to a directory traversal attack in the URL input field resulting in the possibility of disclosing information about the remote host...
CVE-2017-1000448
CVE-2017-1000448 affects Structured Data Linter, versions 2.4.1 and older. The root cause is a directory traversal vulnerability in the URL input field, which can disclose information about the remote host. Public documentation in the provided sources confirms the vulnerability and affected versi...
CVE-2017-1000448
Structured Data Linter versions 2.4.1 and older are vulnerable to a directory traversal attack in the URL input field resulting in the possibility of disclosing information about the remote host...
Open Redirect
phpBB is vulnerable to open redirects. The library does not properly check user input URLs, allowing a malicious user to redirect users using the Google Chrome Browser to a malicious website...
USN-3275-1 openjdk-8 vulnerabilities
It was discovered that OpenJDK improperly re-used cached NTLM connections in some situations. A remote attacker could possibly use this to cause a Java application to perform actions with the credentials of a different user. CVE-2017-3509 It was discovered that an untrusted library search path fl...
Radancy: XSS
https://werkenbijdefensie.nl/vacatures/kla03vc%3cimg%20src%3da%20onerror%3dalert1%3ehm505/bouw/ The value of the URL path folder 2 is copied into the HTML document as plain text between tags. The payload a03vchm505 was submitted in the URL path folder 2. This input was echoed unmodified in the...