In Nagios XI through 5.8.5, in the schedule report function, an authenticated attacker is able to inject HTML tags that lead to the reformatting/editing of emails from an official email address.Read M ...
Continue Reading
June 28, 2022
In Nagios XI through 5.8.5, it is possible for a user without password verification to change his e-mail address.Read More ...
Continue Reading
June 28, 2022
In Nagios XI through 5.8.5, a read-only Nagios user (due to an incorrect permission check) is able to schedule downtime for any host/services. This allows an attacker to permanently disable all monito ...
Continue Reading
June 28, 2022
In Nagios XI through 5.8.5, an open redirect vulnerability exists in the login function that could lead to spoofing.Read More ...
Continue Reading
June 28, 2022
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...
Continue Reading
June 28, 2022
Silverstripe silverstripe/framework 4.8.1 has a quadratic blowup in Convert::xml2array() that enables a remote attack via a crafted XML document.Read More ...
Continue Reading
June 28, 2022
File inclusion vulnerability in Minicms v1.9 allows remote attackers to execute arbitary PHP code via post-edit.php.Read More ...
Continue Reading
June 28, 2022
A reflected Cross Site Scripting (XSS) in wuzhicms v4.1.0 allows remote attackers to execute arbitrary web script or HTML via the imgurl parameter.Read More ...
Continue Reading
June 28, 2022
Back to Main
