Latest Cybersecurity/CERT/Hacking Feeds
[webapps] Gila CMS < 1.11.1 - Local File Inclusion
[remote] Hisilicon HiIpcam V100R003 Remote ADSL - Credentials Disclosure
[remote] HPE Intelligent Management Center < 7.3 E0506P09 - Information Disclosure
CVE-2019-16679 (gila_cms)
Gila CMS before 1.11.1 allows admin/fm/?f=../ directory traversal, leading to Local File Inclusion.
CVE-2019-16660 (joyplus)
joyplus-cms 1.6.0 has admin_ajax.php?action=savexml&tab=vodplay CSRF.
CVE-2019-16658 (tuzicms)
TuziCMS 2.0.6 has index.php/manage/notice/do_add CSRF.
CVE-2019-16661 (ogma_cms)
Ogma CMS 0.5 has XSS via creation of a new blog.
CVE-2019-16664 (thinksaas)
An issue was discovered in ThinkSAAS 2.91. There is XSS via the index.php?app=group&ac=create&ts=do groupname parameter.
CVE-2019-16665 (thinksaas)
An issue was discovered in ThinkSAAS 2.91. There is XSS via the content to the index.php?app=group&ac=comment&ts=do&js=1 URI, as demonstrated by a crafted SVG document in the SRC attribute of an EMBED element.
CVE-2019-16657 (tuzicms)
TuziCMS 2.0.6 has XSS via the PATH_INFO to a group URI, as demonstrated by index.php/article/group/id/2/.
An aggregation of cybersecurity feeds

Feeds:
ICS, CERT, Exploit-DB, Greenbone, SoldierX
(c) 2018 Marc Arnaert. All rights reserved