Aggregator

CVE-2025-25014

CVE Trends
1 year 1 month ago
Currently trending CVE - Hype Score: 4 - A Prototype pollution vulnerability in Kibana leads to arbitrary code execution via crafted HTTP requests to machine learning and reporting endpoints.

CVE-2020-1770 | OTRS Community Edition up to 5.0.41/6.0.26/7.0.15 Support Bundle insertion of sensitive information into sent data (DLA 2198-1)

Vuldb Updates
1 year 1 month ago
A vulnerability classified as problematic has been found in OTRS Community Edition up to 5.0.41/6.0.26/7.0.15. Affected is an unknown function of the component Support Bundle Handler. The manipulation leads to insertion of sensitive information into sent data. This vulnerability is traded as CVE-2020-1770. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com

CVE-2020-9467 | Piwigo 2.10.1 /ws.php pwgimagessetInfo File Stored cross site scripting (Issue 159191 / EDB-48814)

Vuldb Updates
1 year 1 month ago
A vulnerability, which was classified as problematic, has been found in Piwigo 2.10.1. Affected by this issue is the function pwgimagessetInfo of the file /ws.php. The manipulation of the argument File as part of Parameter leads to cross site scripting (Stored). This vulnerability is handled as CVE-2020-9467. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2020-1771 | OTRS Community Edition up to 6.0.26/7.0.15 Article Parameter cross site scripting (DLA 3551-1)

Vuldb Updates
1 year 1 month ago
A vulnerability classified as problematic was found in OTRS Community Edition up to 6.0.26/7.0.15. Affected by this vulnerability is an unknown functionality of the component Article Handler. The manipulation as part of Parameter leads to cross site scripting. This vulnerability is known as CVE-2020-1771. The attack can be launched remotely. There is no exploit available.
vuldb.com

CVE-2020-1773 | OTRS Community Edition up to 5.0.41/6.0.26/7.0.15 Password Reset entropy (DLA 3551-1)

Vuldb Updates
1 year 1 month ago
A vulnerability, which was classified as critical, was found in OTRS Community Edition up to 5.0.41/6.0.26/7.0.15. This affects an unknown part of the component Password Reset. The manipulation leads to insufficient entropy. This vulnerability is uniquely identified as CVE-2020-1773. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com

CVE-2019-19913 | Intland codeBeamer ALM up to 9.5 Tracker Title Stored cross site scripting (ID 156951)

Vuldb Updates
1 year 1 month ago
A vulnerability has been found in Intland codeBeamer ALM up to 9.5 and classified as problematic. This vulnerability affects unknown code of the component Tracker. The manipulation of the argument Title as part of Parameter leads to cross site scripting (Stored). This vulnerability was named CVE-2019-19913. The attack can be initiated remotely. There is no exploit available.
vuldb.com

CVE-2020-11106 | Responsive FileManager up to 9.14.0 dialog.php $_SESSION['RF']['view_type'] Stored cross site scripting (Issue 603)

Vuldb Updates
1 year 1 month ago
A vulnerability was found in Responsive FileManager up to 9.14.0 and classified as problematic. Affected by this issue is some unknown functionality of the file dialog.php. The manipulation of the argument $_SESSION['RF']['view_type'] as part of Parameter leads to cross site scripting (Stored). This vulnerability is handled as CVE-2020-11106. The attack may be launched remotely. There is no exploit available.
vuldb.com

Managed ad