Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

w8tcha oEmbed Plugin on CKEditor plugin.js unknown vulnerability

A vulnerability was found in w8tcha oEmbed Plugin on CKEditor and classified as problematic. Affected by this issue is a part of the file plugin.js. The impact remains unknown. CVE summarizes:plugin.js in the w8tcha oEmbed plugin before...
Auteur: VulDB

Veritas NetBackup Appliance up to 3.1.2 Web Console Password information disclosure

A vulnerability has been found in Veritas NetBackup Appliance up to 3.1.2 (Backup Software) and classified as problematic. Affected by this vulnerability is a functionality of the component Web Console. The manipulation with an unknown input...
Auteur: VulDB

Veritas NetBackup Appliance up to 3.1.2 Web Console Password information disclosure

A vulnerability, which was classified as problematic, was found in Veritas NetBackup Appliance up to 3.1.2 (Backup Software). Affected is a function of the component Web Console. The manipulation with an unknown input leads to a information...
Auteur: VulDB

Linux Kernel up to 5.0.2 inotify_user.c inotify_update_existing_watch() denial of service

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 5.0.2 (Operating System). This issue affects the function inotify_update_existing_watch() of the file fs/notify/inotify/inotify_user.c. The manipulation ...
Auteur: VulDB

Doorkeeper::OpenidConnect up to 1.4.x/1.5.3 Open Redirect [CVE-2019-9837]

A vulnerability classified as problematic was found in Doorkeeper::OpenidConnect up to 1.4.x/1.5.3. This vulnerability affects the functionality. The manipulation with an unknown input leads to a privilege escalation vulnerability (Redirect)....
Auteur: VulDB

Humhub Community Edition 1.3.10 /s/adada/cfiles/upload cross site scripting

A vulnerability classified as problematic has been found in Humhub Community Edition 1.3.10. This affects an unknown function of the file /s/adada/cfiles/upload. The manipulation with an unknown input leads to a cross site scripting...
Auteur: VulDB

Humhub Community Edition 1.3.10 filename Reflected cross site scripting

A vulnerability was found in Humhub Community Edition 1.3.10. It has been rated as problematic. Affected by this issue is some processing. The manipulation of the argument filename as part of a Parameter leads to a cross site scripting...
Auteur: VulDB

BlackBerry AtHoc up to 7.6 Management System XML Data XML External Entity

A vulnerability was found in BlackBerry AtHoc up to 7.6. It has been declared as critical. Affected by this vulnerability is a code block of the component Management System. The manipulation as part of a XML Data leads to a privilege escalation...
Auteur: VulDB

VertrigoServ 2.17 /inc/extensions.php ext cross site scripting

A vulnerability was found in VertrigoServ 2.17. It has been classified as problematic. Affected is code of the file /inc/extensions.php. The manipulation of the argument ext as part of a Parameter leads to a cross site scripting vulnerability....
Auteur: VulDB

QEMU up to 3.1.0 Hypervisor hw/ppc/spapr.c information disclosure

A vulnerability was found in QEMU up to 3.1.0 (Virtualization Software) and classified as problematic. This issue affects a part of the file hw/ppc/spapr.c of the component Hypervisor. The manipulation with an unknown input leads to a...
Auteur: VulDB

PayPal Checkout Payment Gateway Plugin 1.6.8 on Woocommerce cgi-bin/webscr amount privilege escalation

A vulnerability has been found in PayPal Checkout Payment Gateway Plugin 1.6.8 on Woocommerce and classified as critical. This vulnerability affects a functionality of the file cgi-bin/webscr?cmd=_cart. The manipulation of the argument amount as...
Auteur: VulDB

JioFi 4G M2S 1.0.2 Wi-Fi Settings cgi-bin/qcmap_web_cgi) Key cross site request forgery

A vulnerability, which was classified as problematic, was found in JioFi 4G M2S 1.0.2. This affects a function of the file cgi-bin/qcmap_web_cgi) of the component Wi-Fi Settings Handler. The manipulation of the argument Key as part of a Request...
Auteur: VulDB

JioFi 4G M2S 1.0.2 cgi-bin/qcmap_web_cgi mask denial of service

A vulnerability, which was classified as problematic, has been found in JioFi 4G M2S 1.0.2. Affected by this issue is some functionality of the file cgi-bin/qcmap_web_cgi. The manipulation of the argument mask as part of a POST Parameter leads...
Auteur: VulDB

JioFi 4G M2S 1.0.2 cgi-bin/qcmap_web_cgi mask cross site scripting

A vulnerability classified as problematic was found in JioFi 4G M2S 1.0.2. Affected by this vulnerability is the functionality of the file cgi-bin/qcmap_web_cgi. The manipulation of the argument mask as part of a POST Parameter leads to a cross...
Auteur: VulDB

PHP Scripts Mall Opensource Classified Ads Script 3.2.2 Search Reflected cross site scripting

A vulnerability classified as problematic has been found in PHP Scripts Mall Opensource Classified Ads Script 3.2.2 (Programming Language Software). Affected is an unknown function. The manipulation of the argument Search with an unknown input...
Auteur: VulDB

PHP Scripts Mall Opensource Classified Ads Script 3.2.2 directory traversal

A vulnerability was found in PHP Scripts Mall Opensource Classified Ads Script 3.2.2 (Programming Language Software). It has been rated as problematic. This issue affects some processing. The manipulation with an unknown input leads to a...
Auteur: VulDB

PHP Scripts Mall Opensource Classified Ads Script 3.2.2 Search Form HTML Injection cross site scripting

A vulnerability was found in PHP Scripts Mall Opensource Classified Ads Script 3.2.2 (Programming Language Software). It has been declared as problematic. This vulnerability affects a code block of the component Search Form. The manipulation ...
Auteur: VulDB

PHP Scripts Mall Rental Bike Script 2.0.3 directory traversal

A vulnerability was found in PHP Scripts Mall Rental Bike Script 2.0.3 (Programming Language Software). It has been classified as problematic. This affects code. The manipulation with an unknown input leads to a directory traversal...
Auteur: VulDB

PHP Scripts Mall Rental Bike Script 2.0.3 Profile Edit STREET HTML Injection cross site scripting

A vulnerability has been found in PHP Scripts Mall Rental Bike Script 2.0.3 (Programming Language Software) and classified as problematic. Affected by this vulnerability is a functionality of the component Profile Edit. The manipulation of the...
Auteur: VulDB

PHP Scripts Mall Rental Bike Script 2.0.3 Edit Profile cross site request forgery

A vulnerability was found in PHP Scripts Mall Rental Bike Script 2.0.3 (Programming Language Software) and classified as problematic. Affected by this issue is a part of the component Edit Profile. The manipulation with an unknown input leads to...
Auteur: VulDB

PHP Scripts Mall Image Sharing Script 1.3.4 directory traversal

A vulnerability, which was classified as problematic, was found in PHP Scripts Mall Image Sharing Script 1.3.4 (Programming Language Software). Affected is a function. The manipulation with an unknown input leads to a directory traversal...
Auteur: VulDB

PHP Scripts Mall Image Sharing Script 1.3.4 Search Bar HTML Injection cross site scripting

A vulnerability, which was classified as problematic, has been found in PHP Scripts Mall Image Sharing Script 1.3.4 (Programming Language Software). This issue affects some functionality of the component Search Bar. The manipulation with an...
Auteur: VulDB

PHP Scripts Mall Property Rental Software 2.1.4 08 directory traversal

A vulnerability classified as problematic was found in PHP Scripts Mall Property Rental Software 2.1.4 (Programming Language Software). This vulnerability affects the functionality of the file wp-content/uploads/2016/08. The manipulation with an...
Auteur: VulDB

Zoho ManageEngine ManageEngine Netflow Analyzer 7.0.0.2 linkdownalertConfig.jsp task cross site scripting

A vulnerability classified as problematic has been found in Zoho ManageEngine ManageEngine Netflow Analyzer 7.0.0.2. This affects an unknown function of the file /netflow/jspui/linkdownalertConfig.jsp. The manipulation of the argument task as...
Auteur: VulDB

Zoho ManageEngine ManageEngine Netflow Analyzer 7.0.0.2 /netflow/jspui/index.jsp Parameter cross site scripting

A vulnerability was found in Zoho ManageEngine ManageEngine Netflow Analyzer 7.0.0.2. It has been rated as problematic. Affected by this issue is some processing of the file /netflow/jspui/index.jsp. The manipulation of the argument...
Auteur: VulDB
First1730173117321733173417351736173717381739Last

Événements SSI