[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 253351 Download | Alert*

cPanel before 82.0.15 allows self XSS in LiveAPI example scripts (SEC-524).

cPanel before 82.0.15 allows self XSS in the SSL Key Delete interface (SEC-526).

cPanel before 82.0.15 allows self stored XSS in the WHM SSL Storage Manager interface (SEC-527).

cPanel before 82.0.15 allows self XSS in the WHM Update Preferences interface (SEC-528).

An issue was discovered in zabbix.php?action=dashboard.view&dashboardid=1 in Zabbix through 4.4. An attacker can bypass the login page and access the dashboard page, and then create a Dashboard, Report, Screen, or Map without any Username/Password (i.e., anonymously). All created elements (Dashboard/Report/Screen/Map) are accessible by other users and by an admin.

The netaddr gem before 2.0.4 for Ruby has misconfigured file permissions, such that a gem install may result in 0777 permissions in the target filesystem.

The animate-it plugin before 2.3.4 for WordPress has XSS.

The animate-it plugin before 2.3.5 for WordPress has XSS.

The animate-it plugin before 2.3.6 for WordPress has CSRF in edsanimate.php.

An authentication flaw in the AVPNC_RP service in Aviatrix VPN Client through 2.2.10 allows an attacker to gain elevated privileges through arbitrary code execution on Windows, Linux, and macOS.


Pages:      Start    9070    9071    9072    9073    9074    9075    9076    9077    9078    9079    9080    9081    9082    9083    ..   25335

© SecPod Technologies