Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Linksys E1200/E2500 Web Portal apply.cgi start_lltd machine_name command injection

A vulnerability, which was classified as critical, has been found in Linksys E1200 and E2500 (the affected version is unknown). Affected by this issue is the function start_lltd of the file apply.cgi of the component Web Portal. The manipulation...
Auteur: VulDB

JTBC(PHP) 3.0 manage.php cross site request forgery

A vulnerability classified as problematic was found in JTBC(PHP) 3.0. Affected by this vulnerability is an unknown function of the file console/account/manage.php?type=action&action=add. The manipulation with an unknown input leads to a cross...
Auteur: VulDB

litemall 0.9.0 WxStorageController.java directory traversal

A vulnerability classified as problematic has been found in litemall 0.9.0. Affected is an unknown function of the file linlinjava/litemall/wx/web/WxStorageController.java. The manipulation with the input value ../ leads to a directory traversal...
Auteur: VulDB

DESTOON B2B 7.0 admin/category.inc.php category[catname] cross site scripting

A vulnerability was found in DESTOON B2B 7.0. It has been rated as problematic. This issue affects an unknown function of the file admin/category.inc.php. The manipulation of the argument category[catname] as part of a Parameter leads to a cross...
Auteur: VulDB

DESTOON B2B 7.0 admin.php cross site request forgery

A vulnerability was found in DESTOON B2B 7.0. It has been declared as problematic. This vulnerability affects an unknown function of the file admin.php. The manipulation with an unknown input leads to a cross site request forgery vulnerability....
Auteur: VulDB

DESTOON B2B 7.0 admin.php cross site scripting

A vulnerability was found in DESTOON B2B 7.0. It has been classified as problematic. This affects an unknown function of the file admin.php?moduleid=2&action=add. The manipulation with an unknown input leads to a cross site scripting...
Auteur: VulDB

DESTOON B2B 7.0 admin\setting.inc.php cross site scripting

A vulnerability was found in DESTOON B2B 7.0 and classified as problematic. Affected by this issue is an unknown function of the file admin\setting.inc.php. The manipulation with an unknown input leads to a cross site scripting vulnerability....
Auteur: VulDB

S-Cms 3.0 member/post.php 0_id sql injection

A vulnerability has been found in S-Cms 3.0 and classified as critical. Affected by this vulnerability is an unknown function of the file member/post.php. The manipulation of the argument 0_id as part of a Parameter leads to a sql injection...
Auteur: VulDB

UsualToolCMS 8.0 a_adminx.php cross site request forgery

A vulnerability, which was classified as problematic, has been found in UsualToolCMS 8.0. This issue affects an unknown function of the file cmsadmin/a_adminx.php?x=a. The manipulation with an unknown input leads to a cross site request forgery...
Auteur: VulDB

tcpflow 1.5.0 iptree.h setbit() memory corruption

A vulnerability classified as critical was found in tcpflow 1.5.0. This vulnerability affects the function setbit() of the file iptree.h. The manipulation with an unknown input leads to a memory corruption vulnerability (Stack-based). The CWE...
Auteur: VulDB

tcpreplay 4.3.0 beta1 tcpbridge tcpbridge.c post_args() memory corruption

A vulnerability classified as critical has been found in tcpreplay 4.3.0 beta1. This affects the function post_args() of the file tcpbridge.c of the component tcpbridge. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

tcpreplay 4.3.0 beta1 tcpreplay-edit incremental_checksum.h csum_replace4() memory corruption

A vulnerability was found in tcpreplay 4.3.0 beta1. It has been rated as critical. Affected by this issue is the function csum_replace4() of the file incremental_checksum.h of the component tcpreplay-edit. The manipulation with an unknown input...
Auteur: VulDB

Support Board - Chat And Help Desk Plugin 1.2.3 on WordPress File Upload /wp-admin/admin-ajax.php msg cross site scripting

A vulnerability was found in Support Board - Chat And Help Desk Plugin 1.2.3 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown function of the file /wp-admin/admin-ajax.php of the component File...
Auteur: VulDB

KAASoft Library CMS - Powerful Book Management System 2.1.1 /admin/book/create/ title cross site scripting

A vulnerability was found in KAASoft Library CMS - Powerful Book Management System 2.1.1. It has been classified as problematic. Affected is an unknown function of the file /admin/book/create/. The manipulation of the argument title as part of a...
Auteur: VulDB

Zoho ManageEngine OpManager up to 12.2 cross site scripting [CVE-2018-18262]

A vulnerability was found in Zoho ManageEngine OpManager up to 12.2 and classified as problematic. This issue affects an unknown function. The manipulation with an unknown input leads to a cross site scripting vulnerability. Using CWE to declare...
Auteur: VulDB

Aryanic HighPortal 12.5 Add Tags cross site scripting

A vulnerability has been found in Aryanic HighPortal 12.5 and classified as problematic. This vulnerability affects an unknown function of the component Add Tags Handler. The manipulation with an unknown input leads to a cross site scripting...
Auteur: VulDB

LAquis SCADA up to 4.1.0.3870 Stack-based memory corruption

A vulnerability, which was classified as critical, was found in LAquis SCADA up to 4.1.0.3870. This affects an unknown function. The manipulation with an unknown input leads to a memory corruption vulnerability (Stack-based). CWE is classifying...
Auteur: VulDB

LAquis SCADA up to 4.1.0.3870 Project File Stack-based memory corruption

A vulnerability, which was classified as critical, has been found in LAquis SCADA up to 4.1.0.3870. Affected by this issue is an unknown function of the component Project File Handler. The manipulation with an unknown input leads to a memory...
Auteur: VulDB

LAquis SCADA up to 4.1.0.3870 Code Execution directory traversal

A vulnerability classified as critical was found in LAquis SCADA up to 4.1.0.3870. Affected by this vulnerability is an unknown function. The manipulation with an unknown input leads to a directory traversal vulnerability (Code Execution). The...
Auteur: VulDB

LAquis SCADA up to 4.1.0.3870 Integer Overflow memory corruption

A vulnerability classified as critical has been found in LAquis SCADA up to 4.1.0.3870. Affected is an unknown function. The manipulation with an unknown input leads to a memory corruption vulnerability (Integer Overflow). CWE is classifying the...
Auteur: VulDB

LAquis SCADA up to 4.1.0.3870 Out-of-Bounds memory corruption

A vulnerability was found in LAquis SCADA up to 4.1.0.3870. It has been rated as critical. This issue affects an unknown function. The manipulation with an unknown input leads to a memory corruption vulnerability (Out-of-Bounds). Using CWE to...
Auteur: VulDB

LAquis SCADA up to 4.1.0.3870 Pointer Dereference memory corruption

A vulnerability was found in LAquis SCADA up to 4.1.0.3870. It has been declared as critical. This vulnerability affects an unknown function. The manipulation with an unknown input leads to a memory corruption vulnerability (Pointer...
Auteur: VulDB

vBulletin 5.4.3 Open Redirect [CVE-2018-15493]

A vulnerability was found in vBulletin 5.4.3 and classified as problematic. Affected by this issue is an unknown function. The manipulation with an unknown input leads to a privilege escalation vulnerability (Redirect). Using CWE to declare the...
Auteur: VulDB

D-Link DWR-111 /tmp/csman/0 directory traversal

A vulnerability, which was classified as critical, was found in D-Link DWR-116, DIR-140L, DIR-640L, DWR-512, DWR-712, DWR-912, DWR-921 and DWR-111. Affected is an unknown function of the file /tmp/csman/0. The manipulation with an unknown input...
Auteur: VulDB

D-Link DWR-116/DWR-512/DWR-712/DWR-912/DWR-921/DWR-111 chkisg.htm Sip privilege escalation

A vulnerability, which was classified as critical, has been found in D-Link DWR-116, DWR-512, DWR-712, DWR-912, DWR-921 and DWR-111. This issue affects an unknown function of the file chkisg.htm. The manipulation of the argument Sip as part of a...
Auteur: VulDB
First1966196719681969197019711972197319741975Last

Événements SSI