Master Data Online version 2.0 suffers from a cross site scripting vulnerability.
>> ARCHIVE: 2019-08
Mitel 6869i Voip Deskphone version 4.2.2032 suffer from an unauthenticated command injection vulnerability.
An issue was discovered in osTicket versions before 1.10.7 and 1.12.x before 1.12.1. The Ticket creation form allows users to upload files along with queries. It was found that the…
An issue was discovered in osTicket versions before 1.10.7 and 1.12.x before 1.12.1. CSV (aka Formula) injection exists in the export spreadsheets functionality. These spreadsheets are generated dynamically from unvalidated…
An issue was discovered in osTicket versions before 1.10.7 and 1.12.x before 1.12.1. Stored XSS exists in setup/install.php. It was observed that no input sanitization was provided in the firstname…
VxWorks 6.8 – TCP Urgent Pointer = 0 Integer Underflow
BSI Advance Hotel Booking System 2.0 – ‘booking_details.php Persistent Cross-Site Scripting
Joomla! Component JS Jobs (com_jsjobs) 1.2.5 – ‘cities.php’ SQL Injection
Cisco Adaptive Security Appliance – Path Traversal (Metasploit)
UNA 10.0.0 RC1 – ‘polyglot.php’ Persistent Cross-Site Scripting