Search for outlook iniciare sesión - Security Headlines - AI Powered Cyber Security News Aggregator

CVE-2019-19650: Release Notes - New features

Zoho ManageEngine Applications Manager before 13640 allows a remote authenticated SQL injection via the Agent servlet agentid parameter to the Agent.java process function.

CVE-2022-24127: REDCap Change Log - Eastern Virginia Medical School (EVMS), Norfolk, Hampton Roads

A Stored Cross-Site Scripting (XSS) vulnerability was discovered in ProjectGeneral/edit_project_settings.php in REDCap 12.0.11. This issue allows any user with project management permissions to inject arbitrary code into the project title (app_title) field when editing an existing project. The payload is then reflected within the title tag of the page.

2 years ago

CVE

Open in Source

#sql #xss #csrf #vulnerability #web #ios #mac #windows #google #microsoft #amazon #linux #nodejs #js #git #java #php #rce #perl #ldap #pdf #aws #acer #oauth #auth #ruby #chrome #firefox #sap #ssl

CVE-2020-27733: List of bug fixes and feature enhancements

Zoho ManageEngine Applications Manager before 14 build 14880 allows an authenticated SQL Injection via a crafted Alarmview request.

CVE-2020-28648: Nagios XI Change Log - Nagios

Improper input validation in the Auto-Discovery component of Nagios XI before 5.7.5 allows an authenticated attacker to execute remote code.

CVE-2022-38254: Nagios XI Change Log - Nagios

Nagios XI before v5.8.7 was discovered to contain a cross-site scripting (XSS) vulnerability via the ajax.php script in CCM 3.1.5.