12 matches found
ProjeQtOr code-related vulnerabilities
ProjeQtOr is a project management software developed by the French company ProjeQtOr. Version 9.1.4 of ProjeQtOr contains a code vulnerability; this vulnerability stems from insufficient validation of the file upload function, which may allow arbitrary code to be executed...
CVE-2025-41000
Cross-Frame Scripting XFS vulnerability in BoomCMS v9.1.4 from UXB London. XFS is a web attack technique that exploits specific browser bugs to spy on users via JavaScript. This type of attack is based on social engineering and depends entirely on the browser chosen by the user, so it is perceive...
CVE-2025-41000 Cross-Frame Scripting (XFS) in BoomCMS
Cross-Frame Scripting XFS vulnerability in BoomCMS v9.1.4 from UXB London. XFS is a web attack technique that exploits specific browser bugs to spy on users via JavaScript. This type of attack is based on social engineering and depends entirely on the browser chosen by the user, so it is perceive...
BoomCMS 安全漏洞
BoomCMS is a content management platform from Boom Open Source. A security vulnerability exists in BoomCMS version v9.1.4, which stems from vulnerability to cross-framework scripting attacks and may lead to user information disclosure...
CVE-2025-24623 WordPress Really Simple Security plugin <= 9.1.4 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Really Simple Plugins Really Simple SSL really-simple-ssl allows Cross Site Request Forgery.This issue affects Really Simple SSL: from n/a through = 9.1.4...
CVE-2024-29946 Risky command safeguards bypass in Dashboard Examples Hub
In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the Dashboard Examples Hub lacks protections for risky SPL commands. This could let attackers bypass SPL safeguards for risky commands in the Hub. The vulnerability would require the attacker to phish the victim by tricking them into...
PT-2024-2533 · Splunk · Splunk Enterprise
Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 9.2.1 Splunk Enterprise versions prior to 9.1.4 Splunk Enterprise versions prior to 9.0.9 Description: The issue is related to the lack of protections for risky SPL commands in the Dashboard Examples Hub...
CVE-2022-40743 Apache Traffic Server: Security issues with the xdebug plugin
Improper Input Validation vulnerability for the xdebug plugin in Apache Software Foundation Apache Traffic Server can lead to cross site scripting and cache poisoning attacks.This issue affects Apache Traffic Server: 9.0.0 to 9.1.3. Users should upgrade to 9.1.4 or later versions...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Spectrum LSF Analytics
Summary There are multiple vulnerabilities in IBM®Runtime Environment Java™Version 7 used by IBM Spectrum LSF Analytics. IBM Spectrum LSF Analytics has addressed the applicable CVEs. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products an...
Security Bulletin: IBM MQ Appliance is affected by inclusion of sensitive data within trace (CVE-2019-4731)
Summary IBM MQ Appliance has addressed the following inclusion of sensitive data within trace vulnerability. Vulnerability Details CVEID: CVE-2019-4731 DESCRIPTION: IBM MQ Appliance could allow a local attacker to obtain highly sensitive information by inclusion of sensitive data within trace. CV...
IBM Datacap Fastdoc Capture Authentication Bypass Vulnerability
IBM Datacap Fastdoc Capture is a suite of image document indexing solutions from IBM USA. The product has automatic document recognition and text recognition and other functions. An authentication bypass vulnerability exists in IBM Datacap Fastdoc Capture versions 9.1.1, 9.1.3, and 9.1.4, which c...
IBM Remote Control Elevation of Privilege Vulnerability
IBM Remote Control is a remote control management program from IBM USA. The program is able to remotely manage and control a large number of servers or PCs. An elevation of privilege vulnerability exists in IBM Remote Control version 9.1.4. A local attacker can exploit this vulnerability to execu...