God Kings version 0.60.1 suffers from an improper authorization issue allowing for in-game notification spoofing.
0739b7472a6c8181be50dac6e880dba434850aeb93bca40ab3c19da4c9c1fd8cFramer Preview version 12 for Android exposes an activity to other apps called "com.framer.viewer.FramerViewActivity". The purpose of this activity is to show contents of a given URL via an fullscreen overlay to the app user. However, the app does neither enforce any authorization schema on the activity nor does it validate the given URL.
e54f0aa32e54c06b14955e19264b2f743bd0ebfed0a629f5cc6a8d1038c27426Acronis Cyber Backup version 12.5 Build 16341 suffers from a server-side request forgery vulnerability.
5776367a895d7236549ae9bed6615f059a8c84f1ee0883489602ba985f741b60o2 Business for Android version 1.2.0 suffers from an open redirection vulnerability.
ed073540b55db066df4e43d61452b19af671d57a6dad0ef1271c98600b232356MJML versions 4.6.2 and below suffer from a path traversal vulnerability.
166961aa7a1aa4863ba6a1c75fcc9e0116bd4fd9789c3759ca27ecb57c656da5WordPress SlickQuiz plugin version 1.3.7.1 suffers from a remote SQL injection vulnerability.
3b3f2021735ae446297196ed34135cc91bdd1359c4dc4c1847d8a05052387e80WordPress SlickQuiz plugin version 1.3.7.1 suffers from a persistent cross site scripting vulnerability.
cbb9b82d8abba98ceec52791f9d154653f25751db87716fba4d0f5bdb5a37486Quest KACE Systems Management Appliance versions 9.0 and below suffer from a cross site scripting vulnerability.
65f3a081afe40db41f6639b1bc6e910e5e069fe0b2e9e5ad97c5da01c2da144fSchneider Electric U.Motion Builder version 1.3.4 suffers from an unauthenticated command injection vulnerability in track_import_export.php.
c724d066bedbb754af39373a9ad1f796ff21a6be3217d9b48ffbef558b5bacebDell KACE Systems Management Appliance (K1000) version 6.4.120756 unauthenticated remote code execution exploit.
3eb5dff93e50fbe23fbc7494f2ff3a530986ae8dffc834f971baafeb16a34e1aUbiquiti UniFi Video version 3.7.3 (Windows) suffers from a local privilege escalation vulnerability due to insecure directory permissions.
45c4e2bf10eee74f0c0735dc38d94473b61dcdfd79d35dbb1d31dd27cc2782d5Check_mk versions 1.2.8p25 and below suffer from a save_users() race condition that leads to sensitive information disclosure.
3817f4097ba3c193b240667f3e9f94890b3c36bbafc096a89f647938a535aa59AlienVault USM version 5.4.2 suffers from a cross site request forgery vulnerability.
b5e6ee31b1a3e5fd0aa449ccfe7c7f88fc5ec5d1636f74a41f4ea05671f70da8Mattermost versions 3.5.0 and 3.5.1 suffer from a cross site scripting vulnerability.
bf8d77494b82eb251135d622671addcd78c1075cfdb00180733870c23345ad0eAtlassian Confluence AppFusions Doxygen versions 1.3.0, 1.3.1, 1.3.2, and 1.3.3 suffer from a cross site scripting vulnerability.
58c57bd896a1b741f14676780ed0548bea2bc4824bf165be69c2d7dd293e7f52Atlassian Confluence AppFusions Doxygen versions 1.3.0, 1.3.1, 1.3.2, and 1.3.3 suffer from an information disclosure vulnerability.
8357c39588ad5506639d97020e1806800b3080757eee8fa79931e45eb66d5148Atlassian Confluence AppFusions Doxygen version 1.3.0 suffers from a path traversal vulnerability.
77aa28687a473275fa3261bb168ee38f7a5939fe9c9aa294dd42f3b61e038e76XenForo ToggleME version 3.1.2 suffers from multiple cross site scripting vulnerabilities.
2ec81da933635f268cac0c59dd5efa9ad0c1541a95dcd28dee6c054aedd2362eAlienVault USM/OSSIM version 5.2 suffers from a cross site scripting vulnerability.
52d6e5998255d0e9741227d3f9f592c61f60e95789c4df2d2c3f1ba5af0dbda1Apache Archiva version 1.3.9 suffers from a cross site scripting vulnerability.
04f8a6de07ed3133f7856a60c7f6f21b4d9abdd91819b80ae6ad97c203cf32c1Apache Archiva version 1.3.9 suffers from a cross site request forgery vulnerability.
7668a8296181447642b0332f0a99e7d8f4c3bc9ac9250ca8df5203b11bf750e3XenAPI for XenForo version 1.4.1 suffers from a remote SQL injection vulnerability.
7c3a37ee9ac8d2b769a495f772ba61c0683b07b2341e2500844b324ffac74676Postfix Admin version 2.93 suffers from a cross site request forgery vulnerability.
c36bf42d6746cb09cb01c495637ea7bc269111f9cfcff5161901216a53a69331Swagger Editor version 2.9.9 suffers from a cross site scripting vulnerability.
2c9f139677da0df23f3a83e1dfd810fd387124a00de5fae2c2e07e62c09ac0efUbiquiti Networks UniFi version 3.2.10 suffers from a cross site request forgery vulnerability.
ce6b8f6b7d6df9b959e6dc54e07373ec0465accd0d4c1c0b4ce70674fb6f11ce
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed