samedi 30 mai 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Frog CMS 0.9.5 admin/ name cross site scripting

A vulnerability was found in Frog CMS 0.9.5. It has been rated as problematic. Affected by this issue is some processing of the file admin/?/snippet/add. The manipulation of the argument name as part of a Parameter leads to a cross site...
Auteur: VulDB

Guardzilla Smart Camera Cloud API User information disclosure

A vulnerability was found in Guardzilla Smart Camera (affected version unknown). It has been declared as problematic. Affected by this vulnerability is a code block of the component Cloud API. The manipulation with an unknown input leads to a...
Auteur: VulDB

Guardzilla GZ621W 0.5.1.4 Cloud Communication TK_set_deviceModel_req_handle memory corruption

A vulnerability was found in Guardzilla GZ621W 0.5.1.4. It has been classified as critical. Affected is the function TK_set_deviceModel_req_handle of the component Cloud Communication. The manipulation with an unknown input leads to a memory...
Auteur: VulDB

Guardzilla GZ180 Remote Upgrade version command injection

A vulnerability was found in Guardzilla GZ180 (unknown version) and classified as critical. This issue affects a part of the component Remote Upgrade. The manipulation of the argument version as part of a Parameter leads to a privilege...
Auteur: VulDB

UCMDB Configuration Management Service up to 2018.11 directory traversal

A vulnerability has been found in UCMDB Configuration Management Service and classified as critical. This vulnerability affects a functionality. The manipulation with an unknown input leads to a directory traversal vulnerability. The CWE...
Auteur: VulDB

react-dev-utils up to 1.0.3/2.0.1/3.1.1/4.2.1/5.0.3 on Windows Webserver Network Request cross site request forgery

A vulnerability, which was classified as problematic, has been found in react-dev-utils up to 1.0.3/2.0.1/3.1.1/4.2.1/5.0.3 on Windows. This issue affects some functionality of the component Webserver. The manipulation as part of a Network...
Auteur: VulDB

otfcc 0.10.3-alpha unicodeconv.c Unicode memory corruption

A vulnerability classified as critical was found in otfcc 0.10.3-alpha. This vulnerability affects the functionality in the library lib/support/unicodeconv/unicodeconv.c. The manipulation as part of a Unicode leads to a memory corruption...
Auteur: VulDB

Jasper 2.0.14 jp2 Converter denial of service

A vulnerability classified as problematic has been found in Jasper 2.0.14. This affects an unknown function of the component jp2 Converter. The manipulation with an unknown input leads to a denial of service vulnerability. CWE is classifying the...
Auteur: VulDB

PHP League CommonMark library up to 0.18.0 cross site scripting

A vulnerability was found in PHP League CommonMark library up to 0.18.0. It has been rated as problematic. Affected by this issue is some processing. The manipulation with an unknown input leads to a cross site scripting vulnerability. Using CWE...
Auteur: VulDB

CIM install.php unknown vulnerability [CVE-2018-20614]

A vulnerability classified as critical has been found in CIM (version unknown). Affected is an unknown function of the file public\install\install.php. The impact remains unknown. CVE summarizes:public\install\install.php in CIM 0.9.3 allows...
Auteur: VulDB

TEMMOKU T1.09 Beta admin/user/add cross site request forgery

A vulnerability was found in TEMMOKU T1.09 Beta. It has been rated as problematic. This issue affects some processing of the file admin/user/add. The manipulation with an unknown input leads to a cross site request forgery vulnerability. Using...
Auteur: VulDB

UWA 2.3.11 index.php cross site request forgery

A vulnerability was found in UWA 2.3.11. It has been declared as problematic. This vulnerability affects a code block of the file index.php?g=admin&c=admin&a=add_admin_do. The manipulation with an unknown input leads to a cross site request...
Auteur: VulDB

imcat 4.4 Cookie binfo.php cross site scripting

A vulnerability was found in imcat 4.4. It has been classified as problematic. This affects code of the file root/tools/adbug/binfo.php?cookie of the component Cookie Handler. The manipulation with an unknown input leads to a cross site...
Auteur: VulDB

imcat 4.4 root/run/adm.php efile directory traversal

A vulnerability was found in imcat 4.4 and classified as critical. Affected by this issue is a part of the file root/run/adm.php. The manipulation of the argument efile with an unknown input leads to a directory traversal vulnerability. Using...
Auteur: VulDB

imcat 4.4 check.php information disclosure

A vulnerability has been found in imcat 4.4 and classified as problematic. Affected by this vulnerability is a functionality of the file root/tools/adbug/check.php. The manipulation with an unknown input leads to a information disclosure...
Auteur: VulDB

imcat 4.4 binfo.php information disclosure

A vulnerability, which was classified as problematic, was found in imcat 4.4. Affected is a function of the file root/tools/adbug/binfo.php?phpinfo1. The manipulation with an unknown input leads to a information disclosure vulnerability...
Auteur: VulDB

imcat 4.4 binfo.php information disclosure

A vulnerability, which was classified as problematic, has been found in imcat 4.4. This issue affects some functionality of the file root/tools/adbug/binfo.php. The manipulation with an unknown input leads to a information disclosure...
Auteur: VulDB

imcat 4.4 dev.php information disclosure

A vulnerability classified as problematic was found in imcat 4.4. This vulnerability affects the functionality of the file dev.php?tools-ipaddr&api=Pcoln&uip. The manipulation with an unknown input leads to a information disclosure vulnerability...
Auteur: VulDB

imcat 4.4 root/run/adm.php privilege escalation

A vulnerability classified as critical has been found in imcat 4.4. This affects an unknown function of the file root/run/adm.php. The manipulation with an unknown input leads to a privilege escalation vulnerability (PHP Code Execution). CWE is...
Auteur: VulDB

LFCMS 3.8.6 directory traversal [CVE-2018-20604]

A vulnerability was found in LFCMS 3.8.6. It has been rated as problematic. Affected by this issue is some processing of the file admin.php?s=/Template/edit/path/*web*..*..*..*..*1.txt.html. The manipulation with an unknown input leads to a...
Auteur: VulDB

LFCMS 3.8.6 cross site request forgery [CVE-2018-20603]

A vulnerability was found in LFCMS 3.8.6. It has been declared as problematic. Affected by this vulnerability is a code block of the file admin.php?s=/Member/add.html. The manipulation with an unknown input leads to a cross site request forgery...
Auteur: VulDB

LFCMS 3.8.6 /install.php information disclosure

A vulnerability was found in LFCMS 3.8.6. It has been classified as problematic. Affected is code of the file /install.php?s=/1. The manipulation with an unknown input leads to a information disclosure vulnerability (Path). CWE is classifying...
Auteur: VulDB

UCMS 1.4.7 index.php description cross site scripting

A vulnerability was found in UCMS 1.4.7 and classified as problematic. This issue affects a part of the file index.php. The manipulation of the argument description as part of a Parameter leads to a cross site scripting vulnerability. Using CWE...
Auteur: VulDB

UCMS 1.4.7 sadmin\cedit.php cross site scripting

A vulnerability has been found in UCMS 1.4.7 and classified as problematic. This vulnerability affects a functionality of the file sadmin\cedit.php. The manipulation with an unknown input leads to a cross site scripting vulnerability. The CWE...
Auteur: VulDB

UCMS 1.4.7 index.php privilege escalation

A vulnerability, which was classified as critical, was found in UCMS 1.4.7. This affects a function of the file index.php. The manipulation with an unknown input leads to a privilege escalation vulnerability (PHP Code Execution). CWE is...
Auteur: VulDB
First1017101810191020102110221023102410251026Last

Événements SSI