|
220321
|
6.5 |
MEDIUM
Network
|
property_rental_software_project
|
property_rental_software
|
PHP Scripts Mall Property Rental Software 2.1.4 has directory traversal via a direct request for a listing of an uploads directory such as the wp-content/uploads/2016/08 directory.
|
CWE-200
Information Exposure
|
CVE-2019-7429
|
2024-11-21 13:48 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220322
|
6.1 |
MEDIUM
Network
|
zohocorp
|
manageengine_netflow_analyzer
|
XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/linkdownalertConfig.jsp" file in the task parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2019-7425
|
2024-11-21 13:48 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220323
|
6.1 |
MEDIUM
Network
|
zohocorp
|
manageengine_netflow_analyzer
|
XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/index.jsp" file in the view GET parameter or any of these POST parameters: autorefTim…
|
CWE-79
Cross-site Scripting
|
CVE-2019-7424
|
2024-11-21 13:48 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220324
|
6.1 |
MEDIUM
Network
|
zohocorp
|
manageengine_netflow_analyzer
|
XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/editProfile.jsp" file in the userName parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2019-7423
|
2024-11-21 13:48 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220325
|
6.1 |
MEDIUM
Network
|
zohocorp
|
manageengine_netflow_analyzer
|
XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/addMailSettings.jsp" file in the gF parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2019-7422
|
2024-11-21 13:48 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220326
|
6.1 |
MEDIUM
Network
|
samsung
|
syncthru_web_service
x7400gx_firmware
|
XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws.login/gnb/loginView.sws" in multiple parameters: contextpath and basedURL.
|
CWE-79
Cross-site Scripting
|
CVE-2019-7421
|
2024-11-21 13:48 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220327
|
6.1 |
MEDIUM
Network
|
samsung
|
syncthru_web_service
x7400gx_firmware
|
XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws.application/information/networkinformationView.sws" in the tabName parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2019-7420
|
2024-11-21 13:48 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220328
|
6.1 |
MEDIUM
Network
|
samsung
|
syncthru_web_service
x7400gx_firmware
|
XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws/leftmenu.sws" in multiple parameters: ruiFw_id, ruiFw_pid, ruiFw_title.
|
CWE-79
Cross-site Scripting
|
CVE-2019-7419
|
2024-11-21 13:48 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220329
|
6.1 |
MEDIUM
Network
|
samsung
|
syncthru_web_service
x7400gx_firmware
|
XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws/swsAlert.sws" in multiple parameters: flag, frame, func, and Nfunc.
|
CWE-79
Cross-site Scripting
|
CVE-2019-7418
|
2024-11-21 13:48 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220330
|
6.1 |
MEDIUM
Network
|
ericsson
|
active_library_explorer
|
XSS exists in Ericsson Active Library Explorer (ALEX) 14.3 in multiple parameters in the "/cgi-bin/alexserv" servlet, as demonstrated by the DB, FN, fn, or id parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2019-7417
|
2024-11-21 13:48 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
