|
194961
|
4.8 |
MEDIUM
Network
|
open-emr
|
openemr
|
In OpenEMR, versions 5.0.2 to 6.0.0 are vulnerable to Stored Cross-Site-Scripting (XSS) due to user input not being validated properly. A highly privileged attacker could inject arbitrary code into i…
|
CWE-79
Cross-site Scripting
|
CVE-2021-25919
|
2024-11-21 14:55 |
2021-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194962
|
4.8 |
MEDIUM
Network
|
open-emr
|
openemr
|
In OpenEMR, versions 5.0.2 to 6.0.0 are vulnerable to Stored Cross-Site-Scripting (XSS) due to user input not being validated properly and rendered in the TOTP Authentication method page. A highly pr…
|
CWE-79
Cross-site Scripting
|
CVE-2021-25918
|
2024-11-21 14:55 |
2021-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194963
|
4.8 |
MEDIUM
Network
|
open-emr
|
openemr
|
In OpenEMR, versions 5.0.2 to 6.0.0 are vulnerable to Stored Cross-Site-Scripting (XSS) due to user input not being validated properly and rendered in the U2F USB Device authentication method page. A…
|
CWE-79
Cross-site Scripting
|
CVE-2021-25917
|
2024-11-21 14:55 |
2021-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194964
|
7.2 |
HIGH
Network
|
atlassian
|
data_center
jira
jira_server
|
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to evade behind-the-firewall protection of app-linked resources via a Broken Authentication vulnerability in the `mak…
|
CWE-287
Improper Authentication
|
CVE-2021-26070
|
2024-11-21 14:55 |
2021-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194965
|
5.3 |
MEDIUM
Network
|
atlassian
|
jira
data_center
jira_server
jira_data_center
|
Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to download temporary files and enumerate project keys via an Information Disclosure vulnerability in…
|
CWE-74
Injection
|
CVE-2021-26069
|
2024-11-21 14:55 |
2021-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194966
|
5.3 |
MEDIUM
Network
|
jetbrains
|
phpstorm
|
In JetBrains PhpStorm before 2020.3, source code could be added to debug logs.
|
NVD-CWE-noinfo
|
CVE-2021-25764
|
2024-11-21 14:55 |
2021-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194967
|
4.3 |
MEDIUM
Network
|
seeddms
|
seeddms
|
SeedDMS 5.1.x is affected by cross-site request forgery (CSRF) in out.EditFolder.php.
|
CWE-352
Origin Validation Error
|
CVE-2021-26216
|
2024-11-21 14:55 |
2021-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194968
|
4.3 |
MEDIUM
Network
|
seeddms
|
seeddms
|
SeedDMS 5.1.x is affected by cross-site request forgery (CSRF) in out.EditDocument.php.
|
CWE-352
Origin Validation Error
|
CVE-2021-26215
|
2024-11-21 14:55 |
2021-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194969
|
7.8 |
HIGH
Local
|
faststone
|
image_viewer
|
FastStone Image Viewer <= 7.5 is affected by a user mode write access violation at 0x00402d7d, triggered when a user opens or views a malformed CUR file that is mishandled by FSViewer.exe. Attackers …
|
CWE-787
Out-of-bounds Write
|
CVE-2021-26237
|
2024-11-21 14:55 |
2021-03-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194970
|
7.8 |
HIGH
Local
|
faststone
|
image_viewer
|
FastStone Image Viewer <= 7.5 is affected by a user mode write access violation near NULL at 0x005bdfc9, triggered when a user opens or views a malformed CUR file that is mishandled by FSViewer.exe. …
|
CWE-476
NULL Pointer Dereference
|
CVE-2021-26235
|
2024-11-21 14:55 |
2021-03-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
