|Paid content will be excluded from the download.
| Matches : 57553
|In Redmine before 3.2.6 and 3.3.x before 3.3.3, remote attackers can obtain sensitive information (password reset tokens) by reading a Referer log, because account/lost_password does not use a redirect.
In Redmine before 3.2.6 and 3.3.x before 3.3.3, XSS exists because markup is mishandled in wiki content.
In Redmine before 3.2.6 and 3.3.x before 3.3.3, stored XSS is possible by using an SVG document as an attachment.
In Redmine before 3.2.6 and 3.3.x before 3.3.3, Redmine.pm lacks a check for whether the Repository module is enabled in a project's settings, which might allow remote attackers to obtain sensitive differences information or possibly have unspecified other impact.
Redmine before 3.2.6 and 3.3.x before 3.3.3 mishandles Time Entry rendering in activity views, which allows remote attackers to obtain sensitive information.
Redmine before 3.2.6 and 3.3.x before 3.3.3 mishandles the rendering of wiki links, which allows remote attackers to obtain sensitive information.
IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.2 could allow an authenticated user to obtain sensitive information from an undocumented URL. IBM X-Force ID: 130735.
Multiple client-side cross site scripting vulnerabilities have been discovered in the WpJobBoard v4.5.1 web-application for WordPress. The vulnerabilities are located in the `query` and `id` parameters of the `wpjb-email`, `wpjb-job`, `wpjb-application`, and `wpjb-membership` modules. Remote attackers are able to inject malicious script code to hijack admin session credentials via the backend, or ...
The TELNET service in Mobatek MobaXterm 10.4 does not require authentication, which allows remote attackers to execute arbitrary commands via TCP port 23.
Nero 184.108.40.206 has an unquoted BINARY_PATH_NAME for NBService, exploitable via a Trojan horse Nero.exe file in the %PROGRAMFILES(x86)%\Nero directory.
Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   5755
© 2013 SecPod Technologies