Teclib GLPI Cross-Site Scripting Vulnerability (CNVD-2020-29626)

Teclib GLPI is an open source IT asset management suite from the French company Teclib. The suite includes features such as device status management, asset inventory storage, management processes and work log management. A cross-site scripting vulnerability exists in Teclib GLPI. The vulnerabilit...

Cybozu Garoon Cross-Site Scripting Vulnerability (CNVD-2019-12700)

Cybozu Garoon is a portal-type OA office system from Cybozu Japan. The system provides portal, e-mail, bookmarks, scheduling, bulletin board, document management, and other functions. A cross-site scripting vulnerability exists in Cybozu Garoon versions 4.0.0 through 4.10.1, which originates from...

Materialize Cross-Site Scripting Vulnerability

Materialize is a modern responsive front-end framework based on Material Design. A cross-site scripting vulnerability exists in Materialize 1.0.0 and prior versions, which stems from a lack of proper validation of client-side data in the WEB application. An attacker can exploit this vulnerability...

(0Day) INVT Electric VT-Designer File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of INVT VT-Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing ...

Path traversal

626 node module suffers from a Path Traversal vulnerability due to lack of validation of file, which allows a malicious user to read content of any file with known path...