Due to insufficient validation of parameters reflected in error messages by the legacy HTTP query API and the logging endpoint, it is possible to inject and execute malicious JavaScript within the bro ...
Continue Reading
May 05, 2023
A vulnerability has been found in Caton CTP Relay Server 1.2.9 and classified as critical. This vulnerability affects unknown code of the file /server/api/v1/login of the component API. The manipulati ...
Continue Reading
May 04, 2023
An XML external entity (XXE) vulnerability exists in ManageEngine AssetExplorer 6.9 Build 6980 through Build 6988. A threat actor with the SDAdmin role can configure a malicious server to return a res ...
Continue Reading
May 04, 2023
An XML external entity vulnerability exists in ManageEngine SupportCenter Plus prior to 14.2 Build 14200. A threat actor with the SDAdmin role can configure a malicious server to return a response wit ...
Continue Reading
May 04, 2023
The version of tomcat7 installed on the remote host is prior to 7.0.109-1.42. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1738 advisory. - Apache Commons Fi ...
Continue Reading
May 04, 2023
An XML external entity vulnerability exists in ManageEngine ServiceDesk Plus prior to 14.1 Build 14105. A threat actor with the SDAdmin role can configure a malicious server to return a response with ...
Continue Reading
May 04, 2023
An XML external entity vulnerability exists in ManageEngine ServiceDesk Plus MSP prior to 14.2 Build 14200. A threat actor with the SDAdmin role can configure a malicious server to return a response w ...
Continue Reading
May 04, 2023
Last week, there were 77 vulnerabilities disclosed in 68 WordPress Plugins and 3 WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 32 Vulnerabi ...
Continue Reading
May 04, 2023
Back to Main
