Página inicial

CVE-2019-16976
In FusionPBX up to 4.5.7, the file appdestinationsdestination_imports.php uses an unsanitized "query_string" variable coming from the URL, which is reflected on 2 occasions in HTML, leading to XSS.
Ver mais

CVE-2019-16973
In FusionPBX up to 4.5.7, the file appcontactscontact_edit.php uses an unsanitized "query_string" variable coming from the URL, which is reflected in HTML, leading to XSS.
Ver mais

CVE-2019-16972
In FusionPBX up to 4.5.7, the file appcontactscontact_addresses.php uses an unsanitized "id" variable coming from the URL, which is reflected in HTML, leading to XSS.
Ver mais

CVE-2019-16971
In FusionPBX up to 4.5.7, the file appmessagesmessages_thread.php uses an unsanitized "contact_uuid" variable coming from the URL, which is reflected on 3 occasions in HTML, leading to XSS.
Ver mais

CVE-2019-16969
In FusionPBX up to 4.5.7, the file appfifo_listfifo_interactive.php uses an unsanitized "c" variable coming from the URL, which is reflected in HTML, leading to XSS.
Ver mais

CVE-2019-16974
In FusionPBX up to 4.5.7, the file appcontactscontact_times.php uses an unsanitized "id" variable coming from the URL, which is reflected in HTML, leading to XSS.
Ver mais

CVE-2019-16970
In FusionPBX up to 4.5.7, the file appsip_statussip_status.php uses an unsanitized "savemsg" variable coming from the URL, which is reflected in HTML, leading to XSS.
Ver mais

CVE-2019-16968
An issue was discovered in FusionPBX up to 4.5.7. In the file appconference_controlsconference_control_details.php, an unsanitized id variable coming from the URL is reflected in HTML on 2 occasions, leading to XSS.
Ver mais

CVE-2019-16967
An issue was discovered in Manager 13.x before 13.0.2.6 and 15.x before 15.0.6 before FreePBX 14.0.10.3. In the Manager module form (htmladminmodulesmanagerviewsform.php), an unsanitized managerdisplay variable coming from the URL is reflected in HTML, leading to XSS. It can be requested via GET request to /config.php?type=tool&display=manager.
Ver mais

CVE-2019-16965
resources/cmd.php in FusionPBX up to 4.5.7 suffers from a command injection vulnerability due to a lack of input validation, which allows authenticated administrative attackers to execute any commands on the host as www-data.
Ver mais

CVE-2019-16964
app/call_centers/cmd.php in the Call Center Queue Module in FusionPBX up to 4.5.7 suffers from a command injection vulnerability due to a lack of input validation, which allows authenticated attackers (with at least the permission call_center_queue_add or call_center_queue_edit) to execute any commands on the host as www-data.
Ver mais

CVE-2019-16966
An issue was discovered in Contactmanager 13.x before 13.0.45.3, 14.x before 14.0.5.12, and 15.x before 15.0.8.21 for FreePBX 14.0.10.3. In the Contactmanager class (htmladminmodulescontactmanagerContactmanager.class.php), an unsanitized group variable coming from the URL is reflected in HTML on 2 occasions, leading to XSS. It can be requested via a GET request to /admin/ajax.php?module=contactmanager.
Ver mais

CVE-2019-16986
In FusionPBX up to v4.5.7, the file resourcesdownload.php uses an unsanitized "f" variable coming from the URL, which takes any pathname and allows a download of it. (resourcessecure_download.php is also affected.)
Ver mais

CVE-2019-16985
In FusionPBX up to v4.5.7, the file appxml_cdrxml_cdr_delete.php uses an unsanitized "rec" variable coming from the URL, which is base64 decoded and allows deletion of any file of the system.
Ver mais

CVE-2019-16991
In FusionPBX up to v4.5.7, the file appeditfiledelete.php uses an unsanitized "file" variable coming from the URL, which is reflected in HTML, leading to XSS.
Ver mais

CVE-2019-16988
In FusionPBX up to v4.5.7, the file appbasic_operator_panelresourcescontent.php uses an unsanitized "eavesdrop_dest" variable coming from the URL, which is reflected on 3 occasions in HTML, leading to XSS.
Ver mais

CVE-2019-16989
In FusionPBX up to v4.5.7, the file appconferences_activeconference_interactive.php uses an unsanitized "c" variable coming from the URL, which is reflected in HTML, leading to XSS.
Ver mais

CVE-2019-16987
In FusionPBX up to v4.5.7, the file appcontactscontact_import.php uses an unsanitized "query_string" variable coming from the URL, which is reflected in HTML, leading to XSS.
Ver mais

CVE-2019-16984
In FusionPBX up to v4.5.7, the file apprecordingsrecording_play.php uses an unsanitized "filename" variable coming from the URL, which is base64 decoded and reflected in HTML, leading to XSS.
Ver mais

CVE-2019-16983
In FusionPBX up to v4.5.7, the file resourcespaging.php has a paging function (called by several pages of the interface), which uses an unsanitized "param" variable constructed partially from the URL args and reflected in HTML, leading to XSS.
Ver mais

CVE-2019-16982
In FusionPBX up to v4.5.7, the file appaccess_controlsaccess_control_nodes.php uses an unsanitized "id" variable coming from the URL, which is reflected in HTML, leading to XSS.
Ver mais

CVE-2019-16981
In FusionPBX up to v4.5.7, the file appconference_profilesconference_profile_params.php uses an unsanitized "id" variable coming from the URL, which is reflected on 2 occasions in HTML, leading to XSS.
Ver mais

CVE-2019-16980
In FusionPBX up to v4.5.7, the file appcall_broadcastcall_broadcast_edit.php uses an unsanitized "id" variable coming from the URL in an unparameterized SQL query, leading to SQL injection.
Ver mais

CVE-2019-16979
In FusionPBX up to v4.5.7, the file appcontactscontact_urls.php uses an unsanitized "id" variable coming from the URL, which is reflected in HTML, leading to XSS.
Ver mais

CVE-2019-16978
In FusionPBX up to v4.5.7, the file appdevicesdevice_settings.php uses an unsanitized "id" variable coming from the URL, which is reflected on 2 occasions in HTML, leading to XSS.
Ver mais

CVE-2019-16990
In FusionPBX up to v4.5.7, the file app/music_on_hold/music_on_hold.php uses an unsanitized "file" variable coming from the URL, which takes any pathname (base64 encoded) and allows a download of it.
Ver mais

CVE-2019-17674
WordPress before 5.2.4 is vulnerable to stored XSS (cross-site scripting) via the Customizer.
Ver mais

CVE-2019-17673
WordPress before 5.2.4 is vulnerable to poisoning of the cache of JSON GET requests because certain requests lack a Vary: Origin header.
Ver mais

CVE-2019-17672
WordPress before 5.2.4 is vulnerable to a stored XSS attack to inject JavaScript into STYLE elements.
Ver mais

CVE-2019-17675
WordPress before 5.2.4 does not properly consider type confusion during validation of the referer in the admin pages, possibly leading to CSRF.
Ver mais

CVE-2019-17670
WordPress before 5.2.4 has a Server Side Request Forgery (SSRF) vulnerability because Windows paths are mishandled during certain validation of relative URLs.
Ver mais

CVE-2019-17671
In WordPress before 5.2.4, unauthenticated viewing of certain content is possible because the static query property is mishandled.
Ver mais

CVE-2019-17669
WordPress before 5.2.4 has a Server Side Request Forgery (SSRF) vulnerability because URL validation does not consider the interpretation of a name as a series of hex characters.
Ver mais

CVE-2016-11015
NETGEAR JNR1010 devices before 1.0.0.32 allow cgi-bin/webproc CSRF via the :InternetGatewayDevice.X_TWSZ-COM_URL_Filter.BlackList.1.URL parameter.
Ver mais

WordPress - FLL-AB93DDBC
Múltiplos problemas de segurança (XSS, SSRF, envenenamento de cache) encontrado por Evan Ricafort, J.D. Grimes, Weston Ruter, David Newman, Eugene Kolodenker, Ben Bidner e WordPress Security Team no WordPress (versões <= 5.2.3).
Ver mais

CVE-2019-16344
A cross-site scripting (XSS) vulnerability in the login form (/ScadaBR/login.htm) in ScadaBR 1.0CE allows a remote attacker to inject arbitrary web script or HTML via the username or password parameter.
Ver mais

CVE-2015-9488
The ThemeMakers Almera Responsive Portfolio Site Template component through 2015-05-15 for WordPress allows remote attackers to obtain sensitive information (such as user_login, user_pass, and user_email values) via a direct request for the wp-content/uploads/tmm_db_migrate/wp_users.dat URI.
Ver mais

CVE-2015-9485
The ThemeMakers Accio Responsive Parallax One Page Site Template component through 2015-05-15 for WordPress allows remote attackers to obtain sensitive information (such as user_login, user_pass, and user_email values) via a direct request for the wp-content/uploads/tmm_db_migrate/wp_users.dat URI.
Ver mais

CVE-2015-9483
The ThemeMakers Invento Responsive Gallery/Architecture Template component through 2015-05-15 for WordPress allows remote attackers to obtain sensitive information (such as user_login, user_pass, and user_email values) via a direct request for the wp-content/uploads/tmm_db_migrate/wp_users.dat URI.
Ver mais

CVE-2019-16913
PC Protect Antivirus v4.14.31 installs by default to %PROGRAMFILES(X86)%PCProtect with very weak folder permissions, granting any user full permission "Everyone: (F)" to the contents of the directory and its subfolders. In addition, the program installs a service called SecurityService that runs as LocalSystem. This allows any user to escalate privileges to "NT AUTHORITYSYSTEM" by substituting the service's binary with a Trojan horse.
Ver mais

CVE-2019-17046
Ilch 2.1.22 allows remote code execution because php is listed under "Allowed files" on the index.php/admin/media/settings/index page.
Ver mais

CVE-2019-17045
Ilch 2.1.22 allows stored XSS via the title, text, or email id to the Jobs Tab.
Ver mais

CVE-2019-5992
Cross-site request forgery (CSRF) vulnerability in WordPress Ultra Simple Paypal Shopping Cart v4.4 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
Ver mais

CVE-2019-16221
WordPress before 5.2.3 allows reflected XSS in the dashboard.
Ver mais

CVE-2019-16223
WordPress before 5.2.3 allows XSS in post previews by authenticated users.
Ver mais

CVE-2019-16222
WordPress before 5.2.3 has an issue with URL sanitization in wp_kses_bad_protocol_once in wp-includes/kses.php that can lead to cross-site scripting (XSS) attacks.
Ver mais

CVE-2019-16220
In WordPress before 5.2.3, validation and sanitization of a URL in wp_validate_redirect in wp-includes/pluggable.php could lead to an open redirect if a provided URL path does not start with a forward slash.
Ver mais

CVE-2019-16219
WordPress before 5.2.3 allows XSS in shortcode previews.
Ver mais

CVE-2019-16217
WordPress before 5.2.3 allows XSS in media uploads because wp_ajax_upload_attachment is mishandled.
Ver mais

CVE-2019-16218
WordPress before 5.2.3 allows XSS in stored comments.
Ver mais

WordPress - FLL-4797C600
Vulnerabilidade de scripts (xss) cruzados encontrados por Simon Scannell (Tecnologias Ripas), Zhouyuan Yang de (Fortinet) e Soroush Dalili no núcleo do WordPress (versões <= 5.2.2).
Ver mais

CVE-2015-9377
iThemes Builder Theme Depot before 5.0.30 for WordPress has XSS via add_query_arg() and remove_query_arg().
Ver mais

CVE-2015-9376
iThemes Mobile before 1.2.8 for WordPress has XSS via add_query_arg() and remove_query_arg().
Ver mais

CVE-2015-9375
Table Rate Shipping Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
Ver mais

CVE-2015-9373
PayPal Pro Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
Ver mais

CVE-2015-9372
Membership Add-on for iThemes Exchange before 1.3.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
Ver mais

CVE-2015-9374
Stripe Add-on for iThemes Exchange before 1.2.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
Ver mais

CVE-2015-9378
iThemes Builder Theme Market before 5.1.27 for WordPress has XSS via add_query_arg() and remove_query_arg().
Ver mais

CVE-2015-9379
iThemes Builder Style Manager before 0.7.7 for WordPress has XSS via add_query_arg() and remove_query_arg().
Ver mais

CVE-2015-9369
Easy US Sales Taxes Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
Ver mais

CVE-2015-9370
Invoices Add-on for iThemes Exchange before 1.4.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
Ver mais

CVE-2015-9371
Manual Purchases Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
Ver mais

CVE-2015-9364
2Checkout Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
Ver mais

CVE-2015-9363
iThemes Exchange before 1.12.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
Ver mais

CVE-2015-9365
Authorize.net Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
Ver mais

CVE-2015-9366
Custom URL Tracking Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
Ver mais

CVE-2015-9367
Easy Canadian Sales Taxes Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
Ver mais

CVE-2015-9368
Easy EU Value Added (VAT) Taxes Add-on for iThemes Exchange before 1.2.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
Ver mais

CVE-2019-15497
Black Box iCOMPEL 9.2.3 through 11.1.4, as used in ONELAN Net-Top-Box 9.2.3 through 11.1.4 and other products, has default credentials that allow remote attackers to access devices remotely via SSH, HTTP, HTTPS, and FTP.
Ver mais

CVE-2019-11653
Remote Access Control Bypass in Micro Focus Content Manager. versions 9.1, 9.2, 9.3. The vulnerability could be exploited to manipulate data stored during another user’s CheckIn request.
Ver mais

CVE-2019-1010209
GoUrl.io GoURL Wordpress Plugin 1.4.13 and earlier is affected by: CWE-434. The impact is: unauthenticated/unzuthorized Attacker can upload executable file in website. The component is: gourl.php#L5637. The fixed version is: 1.4.14.
Ver mais

CVE-2019-1010104
TechyTalk Quick Chat WordPress Plugin All up to the latest is affected by: SQL Injection. The impact is: Access to the database. The component is: like_escape is used in Quick-chat.php line 399. The attack vector is: Crafted ajax request.
Ver mais

CVE-2019-13450
In the Zoom Client through 4.4.4 and RingCentral 7.0.136380.0312 on macOS, remote attackers can force a user to join a video call with the video camera active. This occurs because any web site can interact with the Zoom web server on localhost port 19421 or 19424. NOTE: a machine remains vulnerable if the Zoom Client was installed in the past and then uninstalled. Blocking exploitation requires additional steps, such as the ZDisableVideo preference and/or killing the web server, deleting the ~/.zoomus directory, and creating a ~/.zoomus plain file.
Ver mais

CVE-2019-13449
In the Zoom Client before 4.4.2 on macOS, remote attackers can cause a denial of service (continual focus grabs) via a sequence of invalid launch?action=join&confno= requests to localhost port 19421.
Ver mais

CVE-2019-13379
On AVTECH Room Alert 3E devices before 2.2.5, an attacker with access to the device's web interface may escalate privileges from an unauthenticated user to administrator by performing a cmd.cgi?action=ResetDefaults&src=RA reset and using the default credentials to get in.
Ver mais

CVE-2019-5980
Cross-site request forgery (CSRF) vulnerability in Related YouTube Videos versions prior to 1.9.9 allows remote attackers to hijack the authentication of administrators via unspecified vectors.
Ver mais

CVE-2019-5973
Cross-site request forgery (CSRF) vulnerability in Online Lesson Booking 0.8.6 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
Ver mais

CVE-2019-5963
Cross-site request forgery (CSRF) vulnerability in Zoho SalesIQ 1.0.8 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
Ver mais

CVE-2019-5971
Cross-site request forgery (CSRF) vulnerability in Attendance Manager 0.5.6 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
Ver mais

CVE-2018-11686
The Publish Service in FlexPaper (later renamed FlowPaper) 2.3.6 allows remote code execution via setup.php and change_config.php.
Ver mais

CVE-2017-15123
A flaw was found in the CloudForms web interface, versions 5.8 - 5.10, where the RSS feed URLs are not properly restricted to authenticated users only. An attacker could use this flaw to view potentially sensitive information from CloudForms including data such as newly created virtual machines.
Ver mais

CVE-2018-20523
Xiaomi Stock Browser 10.2.4.g on Xiaomi Redmi Note 5 Pro devices and other Redmi Android phones allows content provider injection. In other words, a third-party application can read the user's cleartext browser history via an app.provider.query content://com.android.browser.searchhistory/searchhistory request.
Ver mais

CVE-2017-6514
WordPress 4.7.2 mishandles listings of post authors, which allows remote attackers to obtain sensitive information (Path Disclosure) via a /wp-json/oembed/1.0/embed?url= request, related to the "author_name":" substring.
Ver mais

CVE-2019-11353
The EnGenius EWS660AP router with firmware 2.0.284 allows an attacker to execute arbitrary commands using the built-in ping and traceroute utilities by using different payloads and injecting multiple parameters. This vulnerability is fixed in a later firmware version.
Ver mais

CVE-2019-11633
HoneyPress through 2016-09-27 can be fingerprinted by attackers because of the ingrained unique www.atxsec.com and ayylmao.wpengine.com hostnames within the fake WordPress templates. This allows attackers to discover and avoid this honeypot system.
Ver mais

CVE-2019-6689
An issue was discovered in Dillon Kane Tidal Workload Automation Agent 3.2.0.5 (formerly known as Cisco Workload Automation or CWA). The Enterprise Scheduler for AIX allows local users to gain privileges via Command Injection in crafted Tidal Job Buffers (TJB) parameters. NOTE: this vulnerability exists because the CVE-2014-3272 solution did not address AIX operating systems.
Ver mais

CVE-2019-7727
In NICE Engage through 6.5, the default configuration binds an unauthenticated JMX/RMI interface to all network interfaces, without restricting registration of MBeans, which allows remote attackers to execute arbitrary code via the RMI protocol by using the JMX connector. The observed affected TCP port is 6338 but, based on the product's configuration, a different one could be vulnerable.
Ver mais

CVE-2018-17564
A Malformed Input String to /cgi-bin/delete_CA on Grandstream GXP16xx VoIP 1.0.4.128 phones allows attackers to delete configuration parameters and gain admin access to the device.
Ver mais

CVE-2018-17563
A Malformed Input String to /cgi-bin/api-get_line_status on Grandstream GXP16xx VoIP 1.0.4.128 phones allows attackers to dump the device's configuration in cleartext.
Ver mais

CVE-2018-17565
Shell Metacharacter Injection in the SSH configuration interface on Grandstream GXP16xx VoIP 1.0.4.128 phones allows attackers to execute arbitrary system commands and gain a root shell.
Ver mais

CVE-2018-15840
TP-Link TL-WR840N devices allow remote attackers to cause a denial of service (networking outage) via fragmented packets, as demonstrated by an "nmap -f" command.
Ver mais

CVE-2019-9604
PHP Scripts Mall Online Lottery PHP Readymade Script 1.7.0 has Cross-Site Request Forgery (CSRF) for Edit Profile actions.
Ver mais

CVE-2019-9605
PHP Scripts Mall Online Lottery PHP Readymade Script 1.7.0 has Reflected Cross-site Scripting (XSS) via the err value in a .ico picture upload.
Ver mais

CVE-2019-9864
PHP Scripts Mall Amazon Affiliate Store 2.1.6 allows Parameter Tampering of the payment amount.
Ver mais

CVE-2018-15818
An issue was discovered in Repute ARForms 3.5.1 and prior. An attacker is able to delete any file on the server with web server privileges by sending a malicious request to admin-ajax.php.
Ver mais

CVE-2019-9787
WordPress before 5.1.1 does not properly filter comment content, leading to Remote Code Execution by unauthenticated users in a default configuration. This occurs because CSRF protection is mishandled, and because Search Engine Optimization of A elements is performed incorrectly, leading to XSS. The XSS results in administrative access, which allows arbitrary changes to .php files. This is related to wp-admin/includes/ajax-actions.php and wp-includes/comment.php.
Ver mais

WordPress - FLL-C538D600
Vulnerabilidade de scripts (xss) transversais encontradas por Simon Scannell no WordPress (versões 3.9-5.1).
Ver mais

CVE-2019-9606
PHP Scripts Mall Personal Video Collection Script 4.0.4 has Stored XSS via the "Update profile" feature.
Ver mais

CVE-2019-9607
PHP Scripts Mall Medical Store Script 3.0.3 allows Path Traversal by navigating to the parent directory of a jpg or png file.
Ver mais

CVE-2019-9063
PHP Scripts Mall Auction website script 2.0.4 allows parameter tampering of the payment amount.
Ver mais