Free Trial

TemaTres 3.0 has reflected XSS vuln

http://iowabookgal.com/wp-includes/wp-class.php Overview :
TemaTres 3.0 has reflected XSS via the replace_string or search_string parameter to the vocab/admin.php?doAdmin=bulkReplace URI.
http://partnershipforcoastalwatersheds.org/ss_1/ Affected Product(s) :
  • TemaTres 3.0
Vulnerability Details :
CVE ID : CVE-2019-14344
The parameters “replace_string” and “search_string” POST request (XSS reflected)

Solution :

Upgrade to TemaTres 3.1

More information :
https://github.com/zikula/core/commit/d6e6c283f18b3dcb7e92b46a7ad63fc7c7e112e2

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2023-5288 : SICK SIM1012 Access Control

CVE-2023-5288 : SICK SIM1012 Access Control

Description A remote unauthorized attacker may connect to the SIM1012, interact with the device and change configuration settings. The adversary

Learn more
CVE-2023-44466 : Linux Kernel up to 6.4.4 Ceph File System net/ceph/messenger_v2.c Buffer Overflow

CVE-2023-44466 : Linux Kernel up to 6.4.4 Ceph File System net/ceph/messenger_v2.c Buffer Overflow

Description An issue was discovered in net/ceph/messenger_v2.c in the Linux kernel before 6.4.5. There is an integer signedness error, leading

Learn more
CVE-2023-20252 : CISCO CATALYST SD-WAN MANAGER SAML API IMPROPER AUTHENTICATION

CVE-2023-20252 : CISCO CATALYST SD-WAN MANAGER SAML API IMPROPER AUTHENTICATION

Description A vulnerability in the Security Assertion Markup Language (SAML) APIs of Cisco Catalyst SD-WAN Manager Software could allow an

Learn more