Thursday 20 June 2019

Our selection of information security alerts and advisories.
Sources: US Cert, Cert EU, Cert FR, Cnil, VulDB.

Scriptzee Hotel Booking Engine 1.0 h_room_type sql injection

A vulnerability was found in Scriptzee Hotel Booking Engine 1.0 (Hospitality Software) and classified as critical. This issue affects an unknown code. The manipulation of the argument h_room_type as part of a Parameter leads to a sql injection...
Author: VulDB

Scriptzee Flippa Marketplace Clone 1.0 sortBy/sortDir sql injection

A vulnerability has been found in Scriptzee Flippa Marketplace Clone 1.0 and classified as critical. This vulnerability affects an unknown part. The manipulation of the argument sortBy/sortDir as part of a Parameter leads to a sql injection...
Author: VulDB

Scriptzee Education Website 1.0 college_list.html subject/city/country sql injection

A vulnerability, which was classified as critical, was found in Scriptzee Education Website 1.0. This affects some unknown functionality of the file college_list.html. The manipulation of the argument subject/city/country as part of a Parameter...
Author: VulDB

e107 CMS 2.1.9 e107_admin/comment.php cross site scripting

A vulnerability, which was classified as problematic, has been found in e107 CMS 2.1.9 (Content Management System). Affected by this issue is an unknown functionality of the file e107_admin/comment.php. The manipulation with an unknown input...
Author: VulDB

Jimtawl 2.2.7 on Joomla id sql injection

A vulnerability classified as critical was found in Jimtawl 2.2.7 on Joomla (Joomla Component). Affected by this vulnerability is an unknown function. The manipulation of the argument id as part of a Parameter leads to a sql injection...
Author: VulDB

AMGallery 1.2.3 on Joomla filter_category_id sql injection

A vulnerability classified as critical has been found in AMGallery 1.2.3 on Joomla (Joomla Component). Affected is some unknown processing. The manipulation of the argument filter_category_id as part of a Parameter leads to a sql injection...
Author: VulDB

HealthNode Hospital Management System 1.0 info.php id sql injection

A vulnerability was found in HealthNode Hospital Management System 1.0. It has been rated as critical. This issue affects an unknown code block of the file dashboard/Patient/info.php. The manipulation of the argument id as part of a Parameter...
Author: VulDB

Live Call Support Application 1.5 server.php cross site request forgery

A vulnerability was found in Live Call Support Application 1.5. It has been declared as problematic. This vulnerability affects an unknown code of the file server.php. The manipulation with an unknown input leads to a cross site request forgery...
Author: VulDB

Twilio Web to Fax Machine System 1.0 login_check.php email/password sql injection

A vulnerability was found in Twilio Web to Fax Machine System 1.0. It has been classified as critical. This affects an unknown part of the file login_check.php. The manipulation of the argument email/password as part of a Parameter leads to a...
Author: VulDB

Nimble Messaging Bulk SMS Marketing Application 1.0 cross site request forgery

A vulnerability was found in Nimble Messaging Bulk SMS Marketing Application 1.0 (Marketing Software) and classified as problematic. Affected by this issue is some unknown functionality. The manipulation with an unknown input leads to a cross...
Author: VulDB

Micro Deal Factory 2.4.0 on Joomla mydeals/ id sql injection

A vulnerability has been found in Micro Deal Factory 2.4.0 on Joomla (Joomla Component) and classified as critical. Affected by this vulnerability is an unknown functionality of the file mydeals/. The manipulation of the argument id as part of a...
Author: VulDB

Dutch Auction Factory 2.0.2 on Joomla Filter filter_order_Dir/filter_order sql injection

A vulnerability, which was classified as critical, was found in Dutch Auction Factory 2.0.2 on Joomla (Auction Software). Affected is an unknown function of the component Filter. The manipulation of the argument filter_order_Dir/filter_order as...
Author: VulDB

Auction Factory 4.5.5 on Joomla Filter filter_order_Dir/filter_order sql injection

A vulnerability, which was classified as critical, has been found in Auction Factory 4.5.5 on Joomla (Auction Software). This issue affects some unknown processing of the component Filter. The manipulation of the argument...
Author: VulDB

Nagios XI up to 5.5.3 Access Control coreconfigsnapshot.php privilege escalation

A vulnerability classified as critical was found in Nagios XI up to 5.5.3 (Log Management Software). This vulnerability affects an unknown code block of the file coreconfigsnapshot.php of the component Access Control. The manipulation with an...
Author: VulDB

Nagios XI up to 5.5.3 Management Page name cross site scripting

A vulnerability classified as problematic has been found in Nagios XI up to 5.5.3 (Log Management Software). This affects an unknown code of the component Management Page. The manipulation of the argument name as part of a Parameter leads to a...
Author: VulDB

ZrLog 2.0.1 nickname Stored cross site scripting

A vulnerability was found in ZrLog 2.0.1. It has been rated as problematic. Affected by this issue is an unknown part. The manipulation of the argument nickname as part of a Comment leads to a cross site scripting vulnerability (Stored). Using...
Author: VulDB

VTech Storio Max prior 56.D3JM6 Service Port 1668 privilege escalation

A vulnerability was found in VTech Storio Max. It has been declared as critical. Affected by this vulnerability is some unknown functionality of the component Service Port 1668. The manipulation with an unknown input leads to a privilege...
Author: VulDB

wpForo Forum Plugin up to 1.5.1 on WordPress privilege escalation

A vulnerability was found in wpForo Forum Plugin up to 1.5.1 on WordPress (Forum Software). It has been classified as critical. Affected is an unknown functionality. The manipulation with an unknown input leads to a privilege escalation...
Author: VulDB

Sony Bravia TV up to 8.587 Photo Sharing Plus memory corruption

A vulnerability was found in Sony Bravia TV up to 8.587 (Digital Media Player) and classified as critical. This issue affects an unknown function of the component Photo Sharing Plus. The manipulation with an unknown input leads to a memory...
Author: VulDB

Sony Bravia TV up to 8.587 Photo Sharing Plus directory traversal

A vulnerability has been found in Sony Bravia TV up to 8.587 (Digital Media Player) and classified as critical. This vulnerability affects some unknown processing of the component Photo Sharing Plus. The manipulation with an unknown input leads...
Author: VulDB

Sony Bravia TV up to 8.587 Photo Sharing Plus command injection

A vulnerability, which was classified as critical, was found in Sony Bravia TV up to 8.587 (Digital Media Player). This affects an unknown code block of the component Photo Sharing Plus. The manipulation with an unknown input leads to a...
Author: VulDB

BubbleUPnP 0.9 Update 30 XML Parsing Engine XML External Entity

A vulnerability, which was classified as critical, has been found in BubbleUPnP 0.9 Update 30. Affected by this issue is an unknown code of the component XML Parsing Engine. The manipulation with an unknown input leads to a privilege escalation...
Author: VulDB

IBM Marketing Platform 9.1.0/9.1.2/10.0/10.1 Header information disclosure

A vulnerability classified as problematic was found in IBM Marketing Platform 9.1.0/9.1.2/10.0/10.1 (Marketing Software). Affected by this vulnerability is an unknown part of the component Header Handler. The manipulation with an unknown input...
Author: VulDB

Cisco Releases Security Updates for Multiple Products

Original release date: June 19, 2019 Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The...
Author: US Cert

Advantech WebAccess/SCADA 8.4.0 RPC Call Stack-based memory corruption

A vulnerability classified as critical has been found in Advantech WebAccess and SCADA 8.4.0 (SCADA Software). Affected is some unknown functionality of the component RPC Call Handler. The manipulation with an unknown input leads to a memory...
Author: VulDB

Information security events

HACK IN PARIS

For its 9th edition, the Hack In Paris IT security conference takes place from 16 to 20 June 2019 in Paris, at the Maison de la Chimie. Organised by Sysdream.

LES ASSISES

The major annual gathering of CISOs, the Assises de la sécurité des systèmes d'information take place in Monaco (Grimaldi Forum) from 9 to 12 October 2019. Organised by DG Consultants.

Presentation by the organiser



A look back at Les Assises 2018

The 18th edition of the Assises de la Sécurité in Monaco is over! Thanks again to the 2800 participants, including the 160 partners, who came together for three days to bring this event, unique in France, to life. Conferences, one-to-one meetings, round tables, workshops, networking moments… Through their content, the quality of the visitors and the richness of the exchanges, the Assises are positioned more than ever as the unmissable gathering for all cybersecurity professionals. Like the market, which keeps evolving, the Assises adapt their offering to best meet the sector's expectations. This edition therefore sought to highlight the major issues of the moment by multiplying talks, demonstrations and experience reports.

See you at the next edition, which will take place from 9 to 12 October 2019

More information on the website dedicated to the event.
