Security
Headlines
HeadlinesLatestCVEs

Headline

Dolibarr ERP / CRM 14.0.2 Cross Site Scripting / Privilege Escalation

Dolibarr ERP and CRM 14.0.2 suffers from a persistent cross site scripting vulnerability that enables privilege escalation.

Packet Storm
#vulnerability#vulnerability#ubuntu#vulnerability#linux#linux#vulnerability#microsoft#ubuntu#linux#vulnerability#linux#ubuntu#sql#vulnerability#vulnerability

Related news

Dolibarr ERP / CRM 13.0.2 Remote Code Execution

Dolibarr ERP and CRM version 13.0.2 suffer from a remote code execution vulnerability.

Dolibarr ERP / CRM 13.0.2 Cross Site Scripting

Dolibarr ERP and CRM version 13.0.2 suffer from a persistent cross site scripting vulnerability.

CVE-2021-37124: Security Advisory - Path Traversal Vulnerability in Huawei PC Product

There is a path traversal vulnerability in Huawei PC product. Because the product does not filter path with special characters,attackers can construct a file path with special characters to exploit this vulnerability. Successful exploitation could allow the attacker to transport a file to certain path.Affected product versions include:PC Smart Full Scene 11.1 versions PCManager 11.1.1.97.

Dolibarr ERP / CRM 14.0.2 Cross Site Scripting / Privilege Escalation

Dolibarr ERP and CRM 14.0.2 suffers from a persistent cross site scripting vulnerability that enables privilege escalation.

CVE-2021-38124: Portal

Remote Code Execution vulnerability in Micro Focus ArcSight Enterprise Security Manager (ESM) product, affecting versions 7.0.2 through 7.5. The vulnerability could be exploited resulting in remote code execution.

CVE-2021-40310: OpenSIS 8.0 'cp_id_miss_attn' - Reflected Cross-Site Scripting (XSS) PoC

OpenSIS Community Edition version 8.0 is affected by a cross-site scripting (XSS) vulnerability in the TakeAttendance.php via the cp_id_miss_attn parameter.

CVE-2021-40868: Cloudron 6.2 Cross Site Scripting ≈ Packet Storm

In Cloudron 6.2, the returnTo parameter on the login page is vulnerable to Reflected XSS.

CVE-2021-22528: Cross-Site Scripting Vulnerability (CVE-2021-22528)

Reflected Cross Site Scripting (XSS) vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4

Packet Storm: Latest News

Acronis Cyber Protect/Backup Remote Code Execution