Security
Headlines
HeadlinesLatestCVEs

Headline

Dolibarr ERP / CRM 14.0.2 Cross Site Scripting / Privilege Escalation

Dolibarr ERP and CRM 14.0.2 suffers from a persistent cross site scripting vulnerability that enables privilege escalation.

Packet Storm

Related news

Dolibarr ERP / CRM 13.0.2 Remote Code Execution

Dolibarr ERP and CRM version 13.0.2 suffer from a remote code execution vulnerability.

Dolibarr ERP / CRM 13.0.2 Cross Site Scripting

Dolibarr ERP and CRM version 13.0.2 suffer from a persistent cross site scripting vulnerability.

CVE-2021-37124: Security Advisory - Path Traversal Vulnerability in Huawei PC Product

There is a path traversal vulnerability in Huawei PC product. Because the product does not filter path with special characters,attackers can construct a file path with special characters to exploit this vulnerability. Successful exploitation could allow the attacker to transport a file to certain path.Affected product versions include:PC Smart Full Scene 11.1 versions PCManager 11.1.1.97.

Fugue Adds Kubernetes Security Checks to Secure Infrastructure-As-Code

Developers can apply proper security controls as they programmatically deploy Kubernetes clusters.

IDrive Remote Desktop Offers Protection from RDP Cyberattacks and Vulnerabilities

Remote Desktop aims to solve vulnerability issues with RDP by implementing robust access and security controls.

CVE-2021-38124: Portal

Remote Code Execution vulnerability in Micro Focus ArcSight Enterprise Security Manager (ESM) product, affecting versions 7.0.2 through 7.5. The vulnerability could be exploited resulting in remote code execution.

CVE-2021-40310: OpenSIS 8.0 'cp_id_miss_attn' - Reflected Cross-Site Scripting (XSS) PoC

OpenSIS Community Edition version 8.0 is affected by a cross-site scripting (XSS) vulnerability in the TakeAttendance.php via the cp_id_miss_attn parameter.

CVE-2021-40868: Cloudron 6.2 Cross Site Scripting ≈ Packet Storm

In Cloudron 6.2, the returnTo parameter on the login page is vulnerable to Reflected XSS.

CVE-2021-22528: Cross-Site Scripting Vulnerability (CVE-2021-22528)

Reflected Cross Site Scripting (XSS) vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4

Packet Storm: Latest News

CUPS IPP Attributes LAN Remote Code Execution