Security
Headlines
HeadlinesLatestCVEs

Tag

#firefox

CVE-2020-27449: Release Notes - ManageEngine Password Manager Pro

Cross Site Scripting (XSS) vulnerability in Query Report feature in Zoho ManageEngine Password Manager Pro version 11001, allows remote attackers to execute arbitrary code and steal cookies via crafted JavaScript payload.

CVE
Open in Source
#sql#xss#csrf#vulnerability#web#ios#android#mac#windows#apple#google#microsoft#amazon#ubuntu#linux#cisco#dos#apache#redis#js#git#java#oracle#intel#c++#backdoor#rce#perl#ldap#nginx#samba#pdf#vmware#aws#log4j#oauth#auth#ssh#telnet#ibm#ruby#postgres#jira#chrome#firefox#sap#ssl
CVE-2020-24950: Vulnerability - SQL Injection · Issue #562 · daylightstudio/FUEL-CMS

SQL Injection vulnerability in file Base_module_model.php in Daylight Studio FUEL-CMS version 1.4.9, allows remote attackers to execute arbitrary code via the col parameter to function list_items.

i2soft CMS 2.0 Insecure Direct Object Reference

i2soft CMS version 2.0 suffers from an insecure direct object reference vulnerability.

helloGTX Travel Portal CRM 1.6 Insecure Direct Object Reference

helloGTX Travel Portal CRM version 1.6 suffers from an insecure direct object reference vulnerability.

FlatApp Premium Admin Dashboard 1.0 SQL Injection

FlatApp Premium Admin Dashboard version 1.0 suffers from a remote SQL injection vulnerability.

Greeva 2.0 SQL Injection

Greeva version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Easy Web Portal 2.1.1 Cross Site Scripting

Easy Web Portal version 2.1.1 suffers from a cross site scripting vulnerability.

Easy Password Manager 1.1 Information Disclosure

Easy Password Manager version 1.1 suffers from an administrative information disclosure vulnerability.

Easy Member Pro 3.0 Insecure Direct Object Reference

Easy Member Pro version 3.0 suffers from an insecure direct object reference vulnerability.