A vulnerability exists in the Progress Flowmon web application prior to version 12.5.5, whereby a user who clicks a malicious link provided by an attacker may inadvertently trigger unintended actions
A vulnerability exists in Progress Flowmon versions prior to 12.5.8 and 13.0.6, whereby an administrator who clicks a malicious link provided by an attacker may inadvertently trigger unintended action
A vulnerability exists in Progress Flowmon ADS versions prior to 12.5.5 and 13.0.3, whereby an administrator who clicks a malicious link provided by an attacker may inadvertently trigger unintended ac
In Flowmon versions prior to 12.5.5, a vulnerability has been identified that allows a user with administrator privileges and access to the management interface to execute additional unintended comman
A vulnerability exists in Progress Flowmon versions prior 12.5.6 where certain system configuration files have incorrect file permissions, allowing a user with access to the default flowmon system use
In Progress Flowmon ADS versions prior to 12.5.5 and 13.0.3, a vulnerability exists whereby an adversary with access to Flowmon monitoring ports may craft malicious network data that, when processed b
In Progress Flowmon versions prior to 12.5.8, a vulnerability exists whereby an authenticated low-privileged user may craft a request during the report generation process that results in unintended co
A vulnerability, which was classified as problematic, was found in H3C R2+ProG up to 200R004. Affected is the function UpdateWanParams/AddMacList/EditMacList/AddWlanMacList/EditWlanMacList/Edit_BasicS
A stored cross-site scripting (XSS) in Kissflow Work Platform Kissflow Application Versions 7337 Account v2.0 to v4.2vallows attackers to execute arbitrary web scripts or HTML via injecting a crafted
An improper neutralization of input vulnerability was identified in GitHub Enterprise Server that allows DOM-based cross-site scripting via Issues search label filter that could lead to privilege esca
A security vulnerability has been detected in lwj flow up to a3d2fe8133db9d3b50fda4f66f68634640344641. This affects the function uploadFile of the file \flow-master\flow-front-rest\src\main\java\com\d
A vulnerability classified as problematic has been found in Seventh D-Guard up to 20250206. This affects an unknown part of the component HTTP GET Request Handler. The manipulation leads to path trave
A vulnerability was detected in FlowiseAI Flowise up to 3.0.12. This affects the function verify of the file packages/server/src/enterprise/services/account.service.ts of the component Endpoint. Perfo
A stored Cross-site Scripting (XSS) vulnerability affecting Risk Management in Project Portfolio Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x allows an attacker to exec
A vulnerability, which was classified as problematic, was found in mirweiye Seven Bears Library CMS 2023. This affects an unknown part of the component Background Management Page. The manipulation lea
A stored Cross-site Scripting (XSS) vulnerability affecting Opportunity Management in Project Portfolio Manager from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x allows an attacker
User-controlled input flows to an unsafe implementation of a dynamic Function constructor, allowing network attackers to run arbitrary unsandboxed JS code in the context of the host, by sending a simp
changedetection.io is a free open source web page change detection, website watcher, restock monitor and notification service. Improper input validation in the application can allow attackers to perfo
A vulnerability was found in jack0240 魏 bskms 蓝天幼儿园管理系统 up to dffe6640b5b54d8e29da6f060e0493fea74b3fad. It has been rated as critical. Affected by this issue is some unknown functionality of the file
The reflective cross-site scripting vulnerability found in ALC WebCTRL and Carrier i-Vu in versions older than 8.0 affects login panels allowing a
malicious actor to compromise the client browser
.
Page 1+ Next →