Drupal avatar_uploader v7.x-1.0-beta8 - Cross Site Scripting Vulnerability

Exploit Title: Drupal avataruploader v7.x-1.0-beta8 - Cross Site Scripting XSS Author: Milad karimi Software Link: https://www.drupal.org/project/avataruploader Version: v7.x-1.0-beta8 Tested on: Windows 10 CVE: N/A 1. Description: This plugin creates a avataruploader from any post types. The...

CVE-2020-12083

An elevated privileges issue related to Spring MVC calls impacts Code Insight v7.x releases up to and including 2020 R1 7.11.0-64...

CVE-2020-12083

An elevated privileges issue related to Spring MVC calls impacts Code Insight v7.x releases up to and including 2020 R1 7.11.0-64...

CVE-2020-12082

CVE-2020-12082 affects the Web UI of Code Insight v7.x up to 2020 R1 (7.11.0-64), with a stored cross-site scripting (XSS) flaw. The Red Hat/EUVD/NVD entries corroborate a stored XSS in the Code Insight web UI, arising from unvalidated user data in certain UI areas. The available sources do not p...

CVE-2020-14341

CVE-2020-14341 affects Red Hat Single Sign On (RHSSO) v7.x: the Test Connection feature in the console can cause SMTP connections to arbitrary hosts/ports from the RHSSO installation. This creates a timing side‑channel where an authorized user may infer information about hosts/ports they cannot s...

Ahsay Backup 7.x / 8.x File Upload / Remote Code Execution

Exploit Title: Authenticated insecure file upload and code execution flaw in Ahsay Backup v7.x - v8.1.1.50. Metasploit Date: 26-6-2019 Exploit Author: Wietse Boonstra Vendor Homepage: https://ahsay.com Software Link: http://ahsay-dn.ahsay.com/v8/81150/cbs-win.exe Version: 7.x 'Ahsay Backup...

Security Bulletin: A security vulnerability has been identified in WebSphere v6.1 and v7.x shipped with InfoSphere Warehouse v9.5, V9.7, V10.1,and v10.5 (CVE-2014-0114)

Summary WebSphere v6.1 and WebSphere v7.x is shipped as a component of InfoSphere Warehouse v9.5, V9.7, V10.1,and v10.5 . Information about a security vulnerability affecting WebSphere v6.1 and WebSphere v7.x has been published in a security bulletin. Vulnerability Details Please consult the...

[MailPasswordDecryptor v4.0] All-in-one eMail Password Recovery Software

Mail Password Decryptor is the FREE software to instantly recover Mail Account passwords from popular email clients and other desktop applications. You can recover your lost password for email accounts like Gmail, Yahoo Mail, Hotmail or Windows Live Mail from email applications such as Microsoft...

Sonicwall GMS v7.x - Filter Bypass & Persistent Vulnerability (0Day)

Document Title: =============== Sonicwall GMS v7.x - Filter Bypass & Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1099 Bulletin: Dell SonicWALL GMS Service Bulletin for Cross-Site Scripting Vulnerability...