vendredi 3 juillet 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Tenda AC9/AC18 POST Request __fastcall usbName privilege escalation

A vulnerability was found in Tenda AC9 and AC18 (the affected version is unknown). It has been rated as critical. Affected by this issue is the function __fastcall of the component POST Request Handler. The manipulation of the argument usbName...
Auteur: VulDB

YUNUCMS 1.1.5 editsitelink cross site scripting

A vulnerability was found in YUNUCMS 1.1.5. It has been classified as problematic. Affected is an unknown function of the file admin/sitelink/editsitelink?id=16. The manipulation with an unknown input leads to a cross site scripting...
Auteur: VulDB

YUNUCMS 1.1.5 editbanner cross site scripting

A vulnerability was found in YUNUCMS 1.1.5 and classified as problematic. This issue affects an unknown function of the file admin/banner/editbanner?id=20. The manipulation with an unknown input leads to a cross site scripting vulnerability....
Auteur: VulDB

YUNUCMS 1.1.5 editcategory cross site scripting

A vulnerability has been found in YUNUCMS 1.1.5 and classified as problematic. This vulnerability affects an unknown function of the file index.php/admin/category/editcategory?id=73. The manipulation with an unknown input leads to a cross site...
Auteur: VulDB

YUNUCMS 1.1.5 110000 cross site scripting

A vulnerability, which was classified as problematic, was found in YUNUCMS 1.1.5. This affects an unknown function of the file index.php/admin/area/editarea/id/110000. The manipulation with an unknown input leads to a cross site scripting...
Auteur: VulDB

YUNUCMS 1.1.5 editcontent cross site scripting

A vulnerability, which was classified as problematic, has been found in YUNUCMS 1.1.5. Affected by this issue is an unknown function of the file admin/content/editcontent?id=29&gopage=1. The manipulation with an unknown input leads to a cross...
Auteur: VulDB

YUNUCMS 1.1.5 admin/link/editlink cross site scripting

A vulnerability classified as problematic was found in YUNUCMS 1.1.5. Affected by this vulnerability is an unknown function of the file admin/link/editlink?id=5. The manipulation with an unknown input leads to a cross site scripting...
Auteur: VulDB

YUNUCMS 1.1.5 basic cross site scripting

A vulnerability classified as problematic has been found in YUNUCMS 1.1.5. Affected is an unknown function of the file index.php/admin/system/basic. The manipulation with an unknown input leads to a cross site scripting vulnerability. CWE is...
Auteur: VulDB

gThumb up to 3.6.2 dlg-contact-sheet.c add_themes_from_dir memory corruption

A vulnerability was found in gThumb up to 3.6.2. It has been rated as critical. This issue affects the function add_themes_from_dir of the file dlg-contact-sheet.c. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

Eleanor CMS up to 2015-03-19 ajax.php query cross site scripting

A vulnerability was found in Eleanor CMS up to 2015-03-19. It has been declared as problematic. This vulnerability affects an unknown function of the file ajax.php. The manipulation of the argument query with an unknown input leads to a cross...
Auteur: VulDB

WUZHI CMS 4.1.0 index.php cross site request forgery

A vulnerability was found in WUZHI CMS 4.1.0 and classified as problematic. Affected by this issue is an unknown function of the file index.php?m=member&f=index&v=edit&uid=1. The manipulation with an unknown input leads to a cross site request...
Auteur: VulDB

WUZHI CMS 4.1.0 index.php cross site request forgery

A vulnerability has been found in WUZHI CMS 4.1.0 and classified as problematic. Affected by this vulnerability is an unknown function of the file index.php?m=core&f=panel&v=edit_info. The manipulation with an unknown input leads to a cross site...
Auteur: VulDB

PhpTpoint Hospital Management System index.php rno sql injection

A vulnerability was found in PhpTpoint Hospital Management System (the affected version is unknown). It has been declared as critical. Affected by this vulnerability is an unknown function of the file index.php. The manipulation of the argument...
Auteur: VulDB

PhpTpoint Pharmacy Management System index.php username sql injection

A vulnerability was found in PhpTpoint Pharmacy Management System (the affected version is unknown). It has been classified as critical. Affected is an unknown function of the file index.php. The manipulation of the argument username as part of...
Auteur: VulDB

PhpTpoint Mailing Server Using File Handling 1.0 Login Page home.php coninb/consent/contrsh/condrft/conspam directory traversal

A vulnerability was found in PhpTpoint Mailing Server Using File Handling 1.0 and classified as critical. This issue affects an unknown function of the file Mailserver_filesystem/home.php of the component Login Page. The manipulation of the...
Auteur: VulDB

iCMS 7.0.11 spider.admincp.php sql injection

A vulnerability has been found in iCMS 7.0.11 and classified as critical. This vulnerability affects an unknown function of the file spider.admincp.php. The manipulation with an unknown input leads to a sql injection vulnerability. The CWE...
Auteur: VulDB

GNU binutils 2.31 GNU libiberty cp-demangle.c next_is_type_qual() ELF File denial of service

A vulnerability, which was classified as problematic, was found in GNU binutils 2.31. This affects the function next_is_type_qual() of the file cp-demangle.c of the component GNU libiberty. The manipulation as part of a ELF File leads to a...
Auteur: VulDB

GNU binutils 2.31 GNU libiberty cp-demangle.c d_name()/d_encoding()/d_local_name() denial of service

A vulnerability, which was classified as problematic, has been found in GNU binutils 2.31. Affected by this issue is the function d_name()/d_encoding()/d_local_name() of the file cp-demangle.c of the component GNU libiberty. The manipulation ...
Auteur: VulDB

GoPro gpmf-parser 1.2.1 GPMF_mp4reader.c OpenMP4Source memory corruption

A vulnerability classified as critical was found in GoPro gpmf-parser 1.2.1. Affected by this vulnerability is the function OpenMP4Source of the file GPMF_mp4reader.c. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

OpenSSL up to 1.1.0i/1.1.1 ECDSA Side-Channel weak encryption

A vulnerability was found in OpenSSL up to 1.1.0i/1.1.1. It has been rated as critical. This issue affects an unknown function of the component ECDSA. The manipulation with an unknown input leads to a weak encryption vulnerability...
Auteur: VulDB

ProjectSend r582 actions.log.export.php privilege escalation

A vulnerability was found in ProjectSend r582. It has been declared as critical. This vulnerability affects an unknown function of the file includes/actions.log.export.php. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

ProjectSend r582 process-zip-download.php file directory traversal

A vulnerability was found in ProjectSend r582. It has been classified as critical. This affects an unknown function of the file process-zip-download.php. The manipulation of the argument file with the input value ../ leads to a directory...
Auteur: VulDB

ProjectSend r582 users.php Parameter weak authentication

A vulnerability was found in ProjectSend r582 and classified as critical. Affected by this issue is an unknown function of the file users.php. The manipulation as part of a Parameter leads to a weak authentication vulnerability. Using CWE to...
Auteur: VulDB

ProjectSend r582 manage-files.php status sql injection

A vulnerability has been found in ProjectSend r582 and classified as critical. Affected by this vulnerability is an unknown function of the file manage-files.php. The manipulation of the argument status as part of a Parameter leads to a sql...
Auteur: VulDB

Tenda AC7/AC10/AC15 Web Server deviceList Stack-based memory corruption

A vulnerability was found in Tenda AC7, AC10 and AC15 (the affected version is unknown). It has been declared as critical. Affected by this vulnerability is an unknown function of the component Web Server. The manipulation of the argument...
Auteur: VulDB
First1114111511161117111811191120112111221123Last

Événements SSI