Self – Stored Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3 while editing an existing monitor field named "signal check color" (monitor.php). There exists no input validation or output filtration, leaving it vulnerable...
Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable ‘show’ parameter value in the view frame (frame.php) because proper filtration is...
Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, as the form action on multiple views utilizes $_SERVER[‘PHP_SELF’] insecurely, mishandling any arbitrary input appended to the webroot URL, without any proper filtration, leading...
Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable ‘scale’ parameter value in the view frame (frame.php) via /js/frame.js.php because proper...
Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable ‘scale’ parameter value in the view frame (frame.php) because proper filtration is...
Self – Stored Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable ‘Host’ parameter value in the view console (console.php) because proper...
Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, as multiple views under web/skins/classic/views insecurely utilize $_REQUEST[‘PHP_SELF’], without applying any proper filtration. Date published : 2019-02-04 https://github.com/ZoneMinder/zoneminder/issues/2450
app/Core/Paginator.php in Kanboard before 1.2.8 has XSS in pagination sorting. Date published : 2019-02-04 http://seclists.org/fulldisclosure/2019/May/41 http://packetstormsecurity.com/files/153093/Kanboard-1.2.7-Cross-Site-Scripting.html
GUP (generic update process) in LightySoft LogMX before 7.4.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update. The update process relies...
png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute. Date published : 2019-02-04 http://www.securityfocus.com/bid/108098 https://seclists.org/bugtraq/2019/Apr/30
An issue was discovered in CSS-TRICKS Chat2 through 2015-05-05. The userid parameter in jumpin.php has a SQL injection vulnerability. Date published : 2019-02-04 https://kc.mcafee.com/corporate/index?page=content&id=SB10330 https://github.com/eddietcc/CVEnotes/tree/master/Chat2
IBM Security Identity Manager 6.0 and 7.0 could allow an attacker to create unexpected control flow paths through the application, potentially bypassing security checks. Exploitation of this weakness can result in a limited form...
Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by-one error in memslot_get_virt. This may lead to a denial of service, or, in the worst case, code-execution by unauthenticated...
Debian tmpreaper version 1.6.13+nmu1 has a race condition when doing a (bind) mount via rename() which could result in local privilege escalation. Mounting via rename() could potentially lead to a file being placed elsewhereon...