An unauthenticated XML external entity injection (XXE) vulnerability exists in LXCA's Common Information Model (CIM) server that could result in read-only access to specific...Read More ...
Continue Reading
June 26, 2023
A valid, authenticated LXCA user with elevated privileges may be able to execute command injections through crafted calls to a specific web...Read More ...
Continue Reading
June 26, 2023
An Unrestricted Upload vulnerability, due to insufficient validation on UploadControlled.cs file, in BlogEngine.Net version 3.3.8.0 and earlier allows remote attackers to execute remote...Read More ...
Continue Reading
June 26, 2023
DataEase is an open source data visualization analysis tool to analyze data and gain insight into business trends. In affected versions Unauthorized users can delete an application erroneously. This v ...
Continue Reading
June 26, 2023
DataEase is an open source data visualization analysis tool to analyze data and gain insight into business trends. Affected versions of DataEase has a privilege bypass vulnerability where ordinary use ...
Continue Reading
June 26, 2023
Bludit 3.9.2 is vulnerable to Remote Code Execution (RCE) via /admin/ajax/upload-images.Read More ...
Continue Reading
June 26, 2023
Cross Site Scripting vulnerability in TinyMCE v.4.9.6 and before and v.5.0.0 thru v.5.1.4 allows an attacker to execute arbitrary code via the editor function.Read More ...
Continue Reading
June 26, 2023
An issue in Ateme Flamingo XL v.3.6.20 and XS v.3.6.5 allows a remote authenticated attacker to execute arbitrary code and cause a denial of service via a the session expiration function.Read More ...
Continue Reading
June 26, 2023
Back to Main
