Vulnerabilities Discovered in CIPAce Enterprise Platform
Overview : A Directory Traversal issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make HTTP
Overview : A Directory Traversal issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make HTTP
Overview : Symantec Data Center Security Manager Component, prior to 6.8.2 (aka 6.8 MP2), may be susceptible to a privilege
[vc_row][vc_column][vc_column_text] Overview : A security restriction bypass vulnerability has been discovered in Revive Adserver version < 5.0.5 by HackerOne user
[vc_row][vc_column][vc_column_text] Overview : The Search Meter plugin through 2.13.2 for WordPress allows user input introduced in the search bar to
Overview : An unrestricted file upload vulnerability in keywordsImport.php in TestLink 1.9.20 allows remote attackers to execute arbitrary code by
[vc_row][vc_column][vc_column_text] Overview : In Apache Solr, the cluster can be partitioned into multiple collections and only a subset of nodes
Overview : In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might
[vc_row][vc_column][vc_column_text] Overview : Elasticsearch versions from 6.7.0 to 6.8.7 and 7.0.0 to 7.6.1 contain a privilege escalation flaw if an
[vc_row][vc_column][vc_column_text] Overview : Leantime before versions 2.0.15 and 2.1-beta3 has a SQL Injection vulnerability. The impact is high. Malicious users/attackers
[vc_row][vc_column][vc_column_text] Overview : ** DISPUTED ** phpMyAdmin 5.0.2 allows CRLF injection, as demonstrated by %0D%0Astring%0D%0A inputs to login form fields causing CRLF
[vc_row][vc_column][vc_column_text] Overview : In Intland codeBeamer ALM 9.5 and earlier, there is stored XSS via the Trackers Title parameter.codeBeamer versions
[vc_row][vc_column][vc_column_text] Overview : A webserver component in Paessler PRTG Network Monitor 19.2.50 to PRTG 20.1.56 allows unauthenticated remote command execution
Overview : The Kubelet component in versions 1.15.0-1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial
[vc_row][vc_column][vc_column_text] Overview : In NGINX Controller versions prior to 3.2.0, an unauthenticated attacker with network access to the Controller API
[vc_row][vc_column][vc_column_text] Overview : On BIG-IP 15.1.0-15.1.0.1, 15.0.0-15.0.1.1, and 14.1.0-14.1.2.2, under certain conditions, TMM may crash or stop processing new traffic
[vc_row][vc_column][vc_column_text] Overview : Local Privilege Escalation can occur in PHOENIX CONTACT PORTICO SERVER through 3.0.7 when installed to run as
[vc_row][vc_column][vc_column_text] Overview : Insecure, default path permissions in PHOENIX CONTACT PC WORX SRT through 1.14 allow for local privilege escalation.
[vc_row][vc_column][vc_column_text] Overview : GitLab EE/CE 8.11 through 12.9.1 allows blocked users to pull/push docker images. References Note: References are provided for the
[vc_row][vc_column][vc_column_text] Overview : Piwigo 2.10.1 has stored XSS via the file parameter in a /ws.php request because of the pwg.images.setInfo
[vc_row][vc_column][vc_column_text] Overview : The Community plugin 2.9.e-beta for Piwigo allows users to set image information on images in albums for
[vc_row][vc_column][vc_column_text] Overview : An SQL injection vulnerability was discovered in Micro Focus Service Manager Automation (SMA), affecting versions 2019.08, 2019.05,
[vc_row][vc_column][vc_column_text] Overview : There is a vulnerability in Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.8, and 8.0.0 to
[vc_row][vc_column][vc_column_text] Overview : This vulnerability allows remote attackers to execute arbitrary code on affected installations of Quest Foglight Evolve 9.0.0.
[vc_row][vc_column][vc_column_text] Overview : In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was found in retrieval