174 matches found
Ampache Cross-Site Scripting Vulnerability
Ampache is a web-based audio/video application and file manager. A cross-site scripting vulnerability exists in Ampache. The vulnerability stems from a lack of proper validation of client-side data by the web application. An attacker can exploit the vulnerability to execute client-side code...
Hackers Planted Backdoor in Webmin, Popular Utility for Linux/Unix Servers
Following the public disclosure of a critical zero-day vulnerability in Webmin last week, the project's maintainers today revealed that the flaw was not actually the result of a coding mistake made by the programmers. Instead, it was secretly planted by an unknown hacker who successfully managed ...
JetBrains Hub Information Disclosure Vulnerability
JetBrains Hub is a web-based application from the Czech company JetBrains. The program is capable of integrating multiple JetBrains team tools together. An information disclosure vulnerability exists in versions prior to JetBrains Hub 2018.4.11298. The vulnerability stems from errors such as...
Fedora Update for php-horde-nag FEDORA-2018-8ab75bcc08
The remote host is missing an update for the...
Rukovoditel Project Management CRM 2.4.1 - 'lists_id' SQL Injection
Exploit Title: Rukovoditel Project Management CRM 2.4.1 - 'lists_id' SQL Injection Dork: N/A Date: 27-01-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://www.rukovoditel.net/ Software Link: https://sourceforge.net/projects/rukovoditel/ Version: 2.4.1 Category: Webapps Tested on: Wampp...
Rukovoditel Project Management CRM 2.4.1 - lists_id SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Rukovoditel Project Management CRM 2.4.1 - 'lists_id' SQL Injection Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://www.rukovoditel.net/ Software Link: https://sourceforge.net/projects/rukovoditel/ Version: 2.4.1 Categor...
Unspecified Vulnerability in Oracle Hospitality Reporting and Analytics (CNVD-2019-36662)
Oracle Hospitality Reporting and Analytics is a web-based application that centralizes point-of-sale (POS) data, provides operational and analytical insights into business operations, and improves efficiencies by delivering information to all roles within an organization. An unspecified vulnerabili...
CVE-2017-9654
CVE-2017-9654 affects Philips DoseWise Portal web-based application versions 1.1.7.333 and 2.1.1.3069, where login credentials are stored in clear text within backend system files (CWE-312). The NVD entry notes a CVSS v3 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high imp...
[SECURITY] Fedora 26 Update: php-horde-nag-4.2.17-1.fc26
Nag is a web-based application built upon the Horde Application Framework which provides a simple, clean interface for managing online task lists (i.e., todo lists). It also includes strong integration with the other Horde applications and allows users to share task lists or enable light-weight...
[SECURITY] Fedora 25 Update: php-horde-nag-4.2.15-1.fc25
Nag is a web-based application built upon the Horde Application Framework which provides a simple, clean interface for managing online task lists (i.e., todo lists). It also includes strong integration with the other Horde applications and allows users to share task lists or enable light-weight...
CVE-2017-6733
CVE-2017-6733 affects Cisco Identity Services Engine (ISE) web portal. The issue is a stored cross-site scripting (XSS) vulnerability in the web-based application interface that could be exploited by an unauthenticated, remote attacker to target users of the web interface. Affected releases liste...
OV3 Online Administration 3.0 Authenticated Code Execution
OV3 Online Administration 3.0 Authenticated Code Execution Vendor: novaCapta Software & Consulting GmbH Product web page: http://www.meacon.de Affected version: 3.0 Summary: With the decision to use the OV3 as a platform for your data management, the course is set for scalable, flexible and...
HP Smart Storage Administrator command injection
Added: 02/16/2017 CVE: CVE-2016-8523 BID: 95868 Background: HP Smart Storage Administrator (HP SSA) is a web-based application that helps an administrator configure, manage, diagnose, and monitor HP ProLiant Smart Array Controllers and other storage devices such as host bus adapters (HBAs) and HP...
Navis WebAccess - SQL injection vulnerability
No description provided by source. Product - Navis WebAccess - SQL Injection Date - 8/8/2016 Author - bRpsd Skype: vegnox Vendor HomePage - http://www.navis.com/ Product Download - http://navis.com/prwebaccess.jsp currently under...
Navis Webaccess - SQL Injection
Exploit for php platform in category web applications Product - Navis WebAccess - SQL Injection Date - 8/8/2016 Author - bRpsd Skype: vegnox Vendor HomePage - http://www.navis.com/ Product Download - http://navis.com/prwebaccess.jsp...
Navis WebAccess SQL Injection
Product - Navis WebAccess - SQL Injection Date - 8/8/2016 Author - bRpsd Skype: vegnox Vendor HomePage - http://www.navis.com/ Product Download - http://navis.com/prwebaccess.jsp currently under maintenance Product Version - Express/All...
MS16-091: Description of the security update for the .NET Framework 4.5.2 in Windows Server 2012: July 12, 2016
Summary: This update resolves a vulnerability in the Microsoft .NET Framework. The vulnerability could cause information disclosure if an...
TeemIp - IP Address Management Solution
All network administrators do recognize how important it is to have a well managed IP space: a comprehensive and up to date inventory of all subnets and IPs used in a network as well as clear and simple processes to request, change or release IPs are underlying key factors for a trouble free...
Loxone Smart Home Denial of Service Vulnerability
Loxone Smart Home is a web-based application. A denial of service vulnerability exists in Loxone Smart Home, which allows attackers to bypass certain security restrictions and launch denial of service attacks...