|
219771
|
4.8 |
MEDIUM
Network
|
dilicms
|
dilicms
|
An issue was discovered in DiliCMS 2.4.0. There is a Stored XSS Vulnerability in the third textbox (aka site logo) of "System setting->site setting" of admin/index.php, aka site_logo.
|
CWE-79
Cross-site Scripting
|
CVE-2019-8440
|
2024-11-21 13:49 |
2019-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219772
|
5.4 |
MEDIUM
Network
|
dilicms
|
dilicms
|
An issue was discovered in DiliCMS 2.4.0. There is a Stored XSS Vulnerability in the second textbox of "System setting->site setting" of admin/index.php, aka site_domain.
|
CWE-79
Cross-site Scripting
|
CVE-2019-8439
|
2024-11-21 13:49 |
2019-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219773
|
4.8 |
MEDIUM
Network
|
dilicms
|
dilicms
|
An issue was discovered in DiliCMS 2.4.0. There is a Stored XSS Vulnerability in the first textbox of "System setting->site setting" of admin/index.php, aka site_name.
|
CWE-79
Cross-site Scripting
|
CVE-2019-8438
|
2024-11-21 13:49 |
2019-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219774
|
8.8 |
HIGH
Network
|
njiandan-cms_project
|
njiandan-cms
|
njiandan-cms through 2013-05-23 has index.php/admin/user_new CSRF to add an administrator.
|
CWE-352
Origin Validation Error
|
CVE-2019-8437
|
2024-11-21 13:49 |
2019-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219775
|
8.1 |
HIGH
Network
|
hashicorp
|
consul
|
HashiCorp Consul (and Consul Enterprise) 1.4.x before 1.4.3 allows a client to bypass intended access restrictions and obtain the privileges of one other arbitrary token within secondary datacenters,…
|
NVD-CWE-noinfo
|
CVE-2019-8336
|
2024-11-21 13:49 |
2019-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219776
|
6.5 |
MEDIUM
Network
|
uvnc
siemens
|
ultravnc
sinumerik_pcu_base_win7_software\/ipc
sinumerik_pcu_base_win10_software\/ipc
sinumerik_access_mymachine\/p2p
|
UltraVNC revision 1205 has stack-based buffer overflow vulnerability in VNC client code inside ShowConnInfo routine, which leads to a denial of service (DoS) condition. This attack appear to be explo…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-8263
|
2024-11-21 13:49 |
2019-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219777
|
9.8 |
CRITICAL
Network
|
uvnc
siemens
|
ultravnc
sinumerik_pcu_base_win7_software\/ipc
sinumerik_pcu_base_win10_software\/ipc
sinumerik_access_mymachine\/p2p
|
UltraVNC revision 1203 has multiple heap buffer overflow vulnerabilities in VNC client code inside Ultra decoder, which results in code execution. This attack appears to be exploitable via network co…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-8262
|
2024-11-21 13:49 |
2019-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219778
|
9.8 |
CRITICAL
Network
|
uvnc
|
ultravnc
|
UltraVNC revision 1199 has a out-of-bounds read vulnerability in VNC code inside client CoRRE decoder, caused by multiplication overflow. This attack appears to be exploitable via network connectivit…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-8261
|
2024-11-21 13:49 |
2019-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219779
|
9.8 |
CRITICAL
Network
|
uvnc
|
ultravnc
|
UltraVNC revision 1199 has a out-of-bounds read vulnerability in VNC client RRE decoder code, caused by multiplication overflow. This attack appears to be exploitable via network connectivity. This v…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-8260
|
2024-11-21 13:49 |
2019-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219780
|
7.5 |
HIGH
Network
|
uvnc
siemens
|
ultravnc
sinumerik_pcu_base_win7_software\/ipc
sinumerik_pcu_base_win10_software\/ipc
sinumerik_access_mymachine\/p2p
|
UltraVNC revision 1198 contains multiple memory leaks (CWE-655) in VNC client code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vu…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2019-8259
|
2024-11-21 13:49 |
2019-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
