|
223991
|
6.1 |
MEDIUM
Network
|
atlassian
|
jira_server
|
The FilterPickerPopup.jspa resource in Jira before version 7.13.7, and from version 8.0.0 before version 8.3.3 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scriptin…
|
CWE-79
Cross-site Scripting
|
CVE-2019-14996
|
2024-11-21 13:27 |
2019-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223992
|
5.3 |
MEDIUM
Network
|
atlassian
|
jira_server
|
The /rest/api/1.0/render resource in Jira before version 8.4.0 allows remote anonymous attackers to determine if an attachment with a specific name exists and if an issue key is valid via a missing p…
|
CWE-862
Missing Authorization
|
CVE-2019-14995
|
2024-11-21 13:27 |
2019-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223993
|
4.3 |
MEDIUM
Network
|
control-webpanel
|
webpanel
|
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to change the e-mail usage value of a victim account via an attacker account.
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2019-14725
|
2024-11-21 13:27 |
2019-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223994
|
7.5 |
HIGH
Network
|
control-webpanel
|
webpanel
|
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to edit an e-mail forwarding destination of a victim's account via an attacker account.
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2019-14724
|
2024-11-21 13:27 |
2019-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223995
|
4.3 |
MEDIUM
Network
|
control-webpanel
|
webpanel
|
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete a domain from a victim's account via an attacker account.
|
NVD-CWE-noinfo
|
CVE-2019-14730
|
2024-11-21 13:27 |
2019-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223996
|
4.3 |
MEDIUM
Network
|
control-webpanel
|
webpanel
|
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete a sub-domain from a victim's account via an attacker account.
|
NVD-CWE-noinfo
|
CVE-2019-14729
|
2024-11-21 13:27 |
2019-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223997
|
4.3 |
MEDIUM
Network
|
control-webpanel
|
webpanel
|
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to add an e-mail forwarding destination to a victim's account via an attacker account.
|
NVD-CWE-noinfo
|
CVE-2019-14728
|
2024-11-21 13:27 |
2019-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223998
|
4.3 |
MEDIUM
Network
|
control-webpanel
|
webpanel
|
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to change the e-mail password of a victim account via an attacker account.
|
NVD-CWE-noinfo
|
CVE-2019-14727
|
2024-11-21 13:27 |
2019-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223999
|
5.4 |
MEDIUM
Network
|
control-webpanel
|
webpanel
|
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to access and delete DNS records of a victim's account via an attacker account.
|
NVD-CWE-noinfo
|
CVE-2019-14726
|
2024-11-21 13:27 |
2019-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224000
|
4.3 |
MEDIUM
Network
|
control-webpanel
|
webpanel
|
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete a victim's e-mail account via an attacker account.
|
NVD-CWE-noinfo
|
CVE-2019-14723
|
2024-11-21 13:27 |
2019-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
