
A Write to Arbitrary Location in Disk vulnerability exists in PRTG Network Monitor 19.1.49 and below that allows attackers to place files in arbitrary locations with SYSTEM privileges (although not controlling the contents of such files) due to insufficient sanitisation when passing arguments to the phantomjs.exe binary. In order to exploit the vulnerability, remote authenticated administrators ne ...

Cribl UI 1.5.0 allows remote attackers to run arbitrary commands via an unauthenticated web request.

FastAdmin V1.0.0.20190111_beta has a CSRF vulnerability to add a new admin user via the admin/auth/admin/add?dialog=1 URI.

MKCMS V5.0 has a CSRF vulnerability to add a new admin user via the ucenter/userinfo.php URI.

Sitecore Experience Platform (XP) prior to 9.1.1 is vulnerable to remote code execution via deserialization, aka TFS # 293863. An authenticated user with necessary permissions is able to remotely execute OS commands by sending a crafted serialized object.

A default username and password in Dentsply Sirona Sidexis 4.3.1 and earlier allows an attacker to gain administrative access to the application server.

core/api/datasets/internal/actions/Explode.java in the Dataset API in DKPro Core through 1.10.0 allows Directory Traversal, resulting in the overwrite of local files with the contents of an archive.

GAuth 0.9.9 beta has stored XSS that shows a popup repeatedly and discloses cookies.

Insufficient input validation in subsystem for Intel(R) AMT before version 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege, information disclosure or denial of service via local access.



© SecPod Technologies