|
222091
|
8.8 |
HIGH
Network
|
sukimalab
|
attendance_manager
|
Cross-site request forgery (CSRF) vulnerability in Attendance Manager 0.5.6 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
|
CWE-352
Origin Validation Error
|
CVE-2019-5971
|
2024-11-21 13:45 |
2019-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222092
|
6.1 |
MEDIUM
Network
|
sukimalab
|
attendance_manager
|
Cross-site scripting vulnerability in Attendance Manager 0.5.6 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2019-5970
|
2024-11-21 13:45 |
2019-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222093
|
6.1 |
MEDIUM
Network
|
weseek
|
growi
|
Open redirect vulnerability in GROWI v3.4.6 and earlier allows remote attackersto redirect users to arbitrary web sites and conduct phishing attacks via the process of login.
|
CWE-601
Open Redirect
|
CVE-2019-5969
|
2024-11-21 13:45 |
2019-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222094
|
8.8 |
HIGH
Network
|
weseek
|
growi
|
Cross-site request forgery (CSRF) vulnerability in GROWI v3.4.6 and earlier allows remote attackers to hijack the authentication of administrators via updating user's 'Basic Info'.
|
CWE-352
Origin Validation Error
|
CVE-2019-5968
|
2024-11-21 13:45 |
2019-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222095
|
6.1 |
MEDIUM
Network
|
joruri
|
joruri_cms_2017
|
Cross-site scripting vulnerability in Joruri CMS 2017 Release2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2019-5967
|
2024-11-21 13:45 |
2019-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222096
|
5.4 |
MEDIUM
Network
|
joruri
|
joruri_mail
|
Joruri Mail 2.1.4 and earlier does not properly manage sessions, which allows remote attackers to impersonate an arbitrary user and alter/disclose the information via unspecified vectors.
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2019-5966
|
2024-11-21 13:45 |
2019-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222097
|
6.1 |
MEDIUM
Network
|
joruri
|
joruri_mail
|
Open redirect vulnerability in Joruri Mail 2.1.4 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
|
CWE-601
Open Redirect
|
CVE-2019-5965
|
2024-11-21 13:45 |
2019-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222098
|
8.8 |
HIGH
Adjacent
|
idoors
|
idoors_reader
|
iDoors Reader 2.10.17 and earlier allows an attacker on the same network segment to bypass authentication to access the management console and operate the product via unspecified vectors.
|
CWE-287
Improper Authentication
|
CVE-2019-5964
|
2024-11-21 13:45 |
2019-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222099
|
8.8 |
HIGH
Network
|
zoho
|
salesiq
|
Cross-site request forgery (CSRF) vulnerability in Zoho SalesIQ 1.0.8 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
|
CWE-352
Origin Validation Error
|
CVE-2019-5963
|
2024-11-21 13:45 |
2019-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222100
|
6.1 |
MEDIUM
Network
|
zoho
|
salesiq
|
Cross-site scripting vulnerability in Zoho SalesIQ 1.0.8 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2019-5962
|
2024-11-21 13:45 |
2019-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
