cPanel before 84.0.20 allows a demo account to achieve remote code execution
Overview : cPanel before 84.0.20 allows a demo account to achieve remote code execution via a cpsrvd rsync shell (SEC-544).
cPanel before 82.0.18 Account bypass vulnerability
Overview : cPanel before 82.0.18 allows attackers to leverage virtual mail accounts in order to bypass account suspensions (SEC-508). Affected
Anomaly Detection Parameter Name in Fortinet FortiWeb 6.0.5, 6.2.0
Overview : An improper neutralization of input vulnerability in the Anomaly Detection interface of FortiWeb may allow a remote unauthenticated
Wolf CMS versions 0.75 and below suffer from a persistent cross site scripting vulnerability
Overview : A cross-site scripting (XSS) vulnerability in Wolf CMS 0.75 and earlier allows remote attackers to inject arbitrary web
Cisco Linksys E4200 firmware suffers from cross site scripting and local file inclusion vulnerabilities
Overview : Cisco Linksys E4200 1.0.05 Build 7 routers contain a Local File Include Vulnerability which could allow remote attackers
Simple Online Planning Tool multiple vulnerabilities
Overview : SO Planning is an open source online planning tool completely free, designed to easily plan projects / tasks
Craft CMS 3.1.12 Pro Cross Site Scripting
Overview : In the 3.1.12 Pro version of the Craft CMS web application, the XSS vulnerability has been discovered in
Accentis Content Resource Management System suffer from a cross site scripting vulnerability.
Overview : Accentis Content Resource Management System versions released prior to the October 2015 patch suffer from a cross site
Improper Neutralization of CRLF Sequences in HTTP Headers in Versions of Armeria 0.85.0 through and including 0.96.0
Overview : Versions of Armeria 0.85.0 through and including 0.96.0 are vulnerable to HTTP response splitting, which allows remote attackers
Openfind MAIL2000 Webmail vulnerabilities
Overview : Multiple flaws in Openfind MAIL2000 through version 6.0 and 7.0 Affected Product(s) : Openfind MAIL2000 through version 6.0
Cross-site Scripting Vulnerability in Zikula Application Framework
Overview : Zikula 1.3.0 build #3168 and probably prior has XSS flaw due to improper sanitization of the ‘themename’ parameter
WSO2 IS as Key Manager 5.7.0 allows web vulnerabilities
Overview : An attacker can trick a privileged user while using WSO2 IS as Key Manager Affected Product(s) : WSO2
Multiple vulnerabilities in TYPO3 Core
Overview : Multiple flaws was discovered in TYPO3 Core Affected Product(s) : TYPO3 versions 4.1.13 and below, 4.2.12 and below,
WordPress 5.2.4 Security Release Breakdown
Overview : WordPress released version 5.2.4 as a security release. According to WordPress, WordPress version 5.2.4 fixes 6 security issues.
Cisco Security issues released
Overview : Cisco Aironet Access Points Unauthorized Access Vulnerability CWE-284 / CVE-2019-15260 A vulnerability in Cisco Aironet Access Points (APs) Software could
NETGEAR JNR1010 devices before 1.0.0.32 hacks
Overview : NETGEAR JNR1010 devices flaws Affected Product(s) : Netgear Router JNR1010 Version 1.0.0.24 Vulnerability Details : CVE ID :
SAP Latest Security Patch released
Overview : Latest vulnerabilities discovered in SAP products Affected Product(s) : SAP Vulnerability Details : CVE ID : CVE-2019-0367 [CVE-2019-0367] Missing
ArcSight Logger Security Vulnerability
Overview : ‘External Task is undefined’ & ‘Syntax error’ errors appear on browser console after a Logger report query object
JetBrains announces vulnerabilities
Overview : The security vulnerabilities detected in JetBrains products as follows Affected Product(s) : JetBrains 2019.2.56594 JetBrains ReSharper installers for
Cisco announces vulnerabilities
Overview : Cisco Firepower Management Center Remote Code Execution Vulnerability CWE-20 / CVE-2019-12689 A vulnerability in the web-based management interface
JetBrains Security News
Overview : The security vulnerabilities detected in JetBrains products as follows Affected Product(s) : JetBrains YouTrack versions before 2019.1.52584. JetBrains
phpBB CSRF Token Hijacking attack exposed
Overview : phpBB version 3.2.7 allows the stealing of an Administration Control Panel session id by leveraging CSRF in the
Latest Security vulnerabilities in Cisco products
Overview : Cisco IOS XE Software NAT Session Initiation Protocol Application Layer Gateway Denial of Service Vulnerability CWE-399/ CVE-2019-12646 A
Jenkins announces vulnerabilities
Overview : Stored XSS vulnerability in expandable textbox form control SECURITY-1498 / CVE-2019-10401 Jenkins form controls include an expandable textbox