Avaya IX Workforce Engagement v15.2.7.1195 - User Enumeration - Observable Response DiscrepancyRead More ...
Continue Reading
May 30, 2023
A user can supply malicious HTML and JavaScript code that will be executed in the client browserRead More ...
Continue Reading
May 30, 2023
Avaya IX Workforce Engagement v15.2.7.1195 - CWE-522: Insufficiently Protected CredentialsRead More ...
Continue Reading
May 30, 2023
Avaya IX Workforce Engagement v15.2.7.1195 - CWE-601: URL Redirection to Untrusted Site ('Open Redirect')Read More ...
Continue Reading
May 30, 2023
Xibo is a content management system (CMS). An SQL injection vulnerability was discovered starting in version 3.2.0 and prior to version 3.3.2 in the `/display/map` API route inside the CMS. This allow ...
Continue Reading
May 30, 2023
Xibo is a content management system (CMS). Starting in version 3.0.0 and prior to version 3.3.5, some API routes will print a stack trace when called with missing or invalid parameters revealing sensi ...
Continue Reading
May 30, 2023
Xibo is a content management system (CMS). An SQL injection vulnerability was discovered starting in version 3.2.0 and prior to version 3.3.5 in the `nameFilter` function used throughout the CMS. This ...
Continue Reading
May 30, 2023
At the most basic level, an invalid pointer can be input that crashes the device, but with more knowledge of the deviceââ¬â¢s memory layout, further exploitation is possible.Read More ...
Continue Reading
May 30, 2023
Back to Main
