Cross Site Scripting issue in MAUTIC 2.13.1
Version : Mautic 2.13.1 Severity : Severe Explanation : Stored Cross Site Scripting vulnerability is found by manipulating argument authorUrl with an unknown input and is…
Pecl http extension Memory Corruption Vulnerability
Version : pecl-http extension up to 2.6.0beta2/3.1.0beta2 Severity : Medium Explanation : The function merge_param() of the file php_http_params.c. Forged http requests can cause memory corruption CVE:…
Sahi Pro Weak Authentication Vulnerability
Version : Sahi Pro (Upto Version : 8.0) Severity : Critical Explanation : The function TestRunner_Non_distributed of create/modify/delete. The manipulation with an unknown input leads…
Critical authentication bypass vulnerability found in Alfresco Community Edition (CVE-2019-14222)
Critical authentication bypass vulnerability found in Alfresco Community Edition (CVE-2019-14222) An issue was discovered in Alfresco Community Edition versions 6.0 and lower. An unauthenticated, remote…
Kubernetes WAF for API security in the cloud
As most of the applications are moving to cloud , there are many factors which needs to be addressed . Reliability, Data management, Scalability, Cost…
Information Disclosure Vulnerability in Jenkins Plugin CVE-2019-1010241
Jenkins Credentials Binding plugin is under attack to an info: disclosure vulnerability. Illigal use of this issue to gain control over sensitive informations that may…