Category Archives: Advisories

MapTool v1.11.5 – Cross Site Scripting Vulnerabilities

Read Time:16 Second

Posted by info () vulnerability-lab com on Oct 20

Document Title:
===============
MapTool v1.11.5 – Cross Site Scripting Vulnerabilities

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2319

Release Date:
=============
2022-10-11

Vulnerability Laboratory ID (VL-ID):
====================================
2319

Common Vulnerability Scoring System:
====================================
5.6

Vulnerability Class:
====================
Cross Site Scripting…

Read More

MapTool v1.11.5 – Denial of Service Vulnerability

Read Time:16 Second

Posted by info () vulnerability-lab com on Oct 20

Document Title:
===============
MapTool v1.11.5 – Denial of Service Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2318

Release Date:
=============
2022-10-10

Vulnerability Laboratory ID (VL-ID):
====================================
2318

Common Vulnerability Scoring System:
====================================
5.7

Vulnerability Class:
====================
Denial of Service…

Read More

WiFi File Transfer v1.0.8 – Cross Site Scripting Vulnerabilities

Read Time:16 Second

Posted by info () vulnerability-lab com on Oct 20

Document Title:
===============
WiFi File Transfer v1.0.8 – Cross Site Scripting Vulnerabilities

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2322

Release Date:
=============
2022-10-17

Vulnerability Laboratory ID (VL-ID):
====================================
2322

Common Vulnerability Scoring System:
====================================
5.6

Vulnerability Class:
====================
Cross Site…

Read More

Webile v1.0.1 – Directory Traversal Web Vulnerability

Read Time:16 Second

Posted by info () vulnerability-lab com on Oct 20

Document Title:
===============
Webile v1.0.1 – Directory Traversal Web Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2320

Release Date:
=============
2022-10-10

Vulnerability Laboratory ID (VL-ID):
====================================
2320

Common Vulnerability Scoring System:
====================================
7.3

Vulnerability Class:
====================
Directory- or…

Read More

Stripe Green Downloads 2.03 – Cross Site Scripting Web Vulnerability

Read Time:16 Second

Posted by info () vulnerability-lab com on Oct 20

Document Title:
===============
Stripe Green Downloads 2.03 – Cross Site Web Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2287

Release Date:
=============
2022-10-17

Vulnerability Laboratory ID (VL-ID):
====================================
2287

Common Vulnerability Scoring System:
====================================
5.2

Vulnerability Class:
====================
Cross Site…

Read More

Vicidial v2.14-783a – Multiple XSS Web Vulnerabilities

Read Time:16 Second

Posted by info () vulnerability-lab com on Oct 20

Document Title:
===============
Vicidial v2.14-783a – Multiple XSS Web Vulnerabilities

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2311

Release Date:
=============
2022-10-11

Vulnerability Laboratory ID (VL-ID):
====================================
2311

Common Vulnerability Scoring System:
====================================
5.2

Vulnerability Class:
====================
Cross Site Scripting…

Read More

Knap (APL) v3.1.3 – Persistent Cross Site Vulnerability

Read Time:16 Second

Posted by info () vulnerability-lab com on Oct 20

Document Title:
===============
Knap (APL) v3.1.3 – Persistent Cross Site Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2307

Release Date:
=============
2022-10-10

Vulnerability Laboratory ID (VL-ID):
====================================
2307

Common Vulnerability Scoring System:
====================================
5.7

Vulnerability Class:
====================
Cross Site…

Read More

OpenStack Horizon, it is posible to trigger a POST Request to any address

Read Time:25 Second

Posted by Sven Anders on Oct 20

Hi,

we opened a bug at OpenStack, 3 month ago, but nobody takes care about it. Due
to the OpenStack guidlines the bug report is now public readable.

https://bugs.launchpad.net/horizon/+bug/1980349

I am not a security expert and do not know how bad this bug is, there is now
CVE and so on. Please be kind.

# Description of the bug

We use OpenStack horizon in the following version: `git+https://opendev.org/

Read More