Lexiglot through 2014-11-20 allows SSRF via the admin.php?page=projects svn_url parameter.
Published at: June 01, 2020 at 01:15PM
View on website
Etiqueta: government
New vulnerability on the NVD: CVE-2014-8944
Lexiglot through 2014-11-20 allows XSS (Reflected) via the username, or XSS (Stored) via the admin.php?page=config install_name, intro_message, or new_file_content parameter.
Published at: June 01, 2020 at 01:15PM
View on website
New vulnerability on the NVD: CVE-2014-8945
admin.php?page=projects in Lexiglot through 2014-11-20 allows command injection via username and password fields.
Published at: June 01, 2020 at 01:15PM
View on website
New vulnerability on the NVD: CVE-2014-9702
system/classes/DbPDO.php in Cmfive through 2015-03-15, when database connectivity malfunctions, allows remote attackers to obtain sensitive information (username and password) via any request, such as a password reset request.
Published at: June 01, 2020 at 01:15PM
View on website
New vulnerability on the NVD: CVE-2019-12003
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.
Published at: June 01, 2020 at 11:15AM
View on website
Educ Arte Económico 