ROZCOM client CWE-798: Use of Hard-coded CredentialsRead More ...
Continue ReadingMay 30, 2023
Avaya IX Workforce Engagement v15.2.7.1195 - User Enumeration - Observable Response DiscrepancyRead More ...
Continue ReadingMay 30, 2023
A user can supply malicious HTML and JavaScript code that will be executed in the client browserRead More ...
Continue ReadingMay 30, 2023
Avaya IX Workforce Engagement v15.2.7.1195 - CWE-522: Insufficiently Protected CredentialsRead More ...
Continue ReadingMay 30, 2023
Avaya IX Workforce Engagement v15.2.7.1195 - CWE-601: URL Redirection to Untrusted Site ('Open Redirect')Read More ...
Continue ReadingMay 30, 2023
Xibo is a content management system (CMS). An SQL injection vulnerability was discovered starting in version 3.2.0 and prior to version 3.3.2 in the `/display/map` API route inside the CMS. This allow ...
Continue ReadingMay 30, 2023
Xibo is a content management system (CMS). Starting in version 3.0.0 and prior to version 3.3.5, some API routes will print a stack trace when called with missing or invalid parameters revealing sensi ...
Continue ReadingMay 30, 2023
Xibo is a content management system (CMS). An SQL injection vulnerability was discovered starting in version 3.2.0 and prior to version 3.3.5 in the `nameFilter` function used throughout the CMS. This ...
Continue ReadingMay 30, 2023
Back to Main