Latest Security News about improper input validation

Contact US For API Security>

Moxa EDR 810 Series vulnerabilities

Overview : Moxa EDR 810 Series Improper Input Validation and Improper Access Control vulnerabilities Affected Product(s) : EDR-810: All versions 5.1 and prior Vulnerability Details : CVE ID : CVE-2019-10963 Moxa EDR 810, all versions 5.1 and prior, allows an unauthenticated attacker to be able to retrieve some log files from the device, which may […]

Contact US For API Security>

Latest Security vulnerabilities in Cisco products

Overview : Cisco IOS XE Software NAT Session Initiation Protocol Application Layer Gateway Denial of Service Vulnerability  CWE-399/ CVE-2019-12646 A vulnerability in the Network Address Translation (NAT) Session Initiation Protocol (SIP) Application Layer Gateway (ALG) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. Cisco Catalyst […]

Contact US For API Security>

cPanel before 84.0.20 allows a demo account to achieve remote code execution

Overview : cPanel before 84.0.20 allows a demo account to achieve remote code execution via a cpsrvd rsync shell (SEC-544). Vulnerability Details : CVE ID : CVE-2020-10119 Skip to end of metadata Created by Documentation, last modified yesterday at 3:08 PM Go to start of metadata 84.0.22 2020-03-16 [security] Fixed case SEC-505: Bandwidth suspensions can be triggered [...]
Contact US For API Security>

Pearson eSIS message board has stored XSS vuln

Overview : Pearson eSIS (Enterprise Student Information System) message board has stored XSS due to improper validation of user input Affected Product(s) : Pearson eSIS Enterprise Student Information System Vulnerability Details : CVE ID : CVE-2014-1454 To reproduce the issue a Super User account is needed. After that is accomplished one needs to log in, […]