Advisories | INTEGRITY Labs

Home
Articles
Advisories
Tools
VDP
About

Advisories

CVE-2020-13990 (To Be Disclosed)
CVE-2020-13989 (To Be Disclosed)
CVE-2019-7558 (To Be Disclosed)
CVE-2019-7557 (To Be Disclosed)
CVE-2019-7556 (To Be Disclosed)
CVE-2021-31858 Stored Cross-Site Scripting in DotNetNuke
CVE-2021-42567 Apereo CAS through 6.4.1 allows XSS via POST requests sent to the REST API endpoints.
CVE-2021-44263 Cross-Site Scripting in Gurock TestRail
CVE-2021-41844 Open Redirect in JetEngine Wordpress Plugin
CVE-2021-38607 Stored Cross-Site Scripting in JetEngine Wordpress Plugin
CVE-2020-13639 - Outsystems ECT Provider Unauthenticated Cross-Site Scripting Stored
CVE-2019-5493 - Information Disclosure Vulnerability in Data ONTAP operating in 7-Mode
CVE-2021-29357 - Outsystems ECT Provider Server Side Request Forgery
CVE-2020-13963 - SOPlanning Authentication Bypass
CVE-2020-15934 - Privilege escalation vulnerability in FortiClient for Linux
CVE-2018-10377 - Insufficient Validation of Burp Collaborator Server Certificate
CVE-2017-9376 - ManageEngine ServiceDesk Plus Local File Inclusion
CVE-2017-9362 - ManageEngine ServiceDesk Plus XML External Entity via CMDB API
CVE-2017-10992 - HP Storage Essentials Remote Code Execution via Java deserialization
CVE-2016-10125 - DLink DGS-1100 switch static hard-coded TLS crypto keys in firmware
CVE-2016-3670 Stored Cross Site Scripting in Liferay CE
CVE-2016-4056 - Stored Cross-Site Scripting in TYPO3 Bookmarks
Insecure Direct Object Reference in OSTicket attachments
CVE-2015-7968 - SAP Netweaver Application Server XXE (SAP Security Note 2183189)
Google AOSP Email App HTML Injection
CVE-2015-7342 Multiple SQL Injection in JNews Joomla Component
CVE-2015-7340 SQL Injection in JEvents Joomla Component
CVE-2015-7338 SQL Injection in AcyMailing Joomla Component
CVE-2015-7341 Bypass File Upload Restriction in JNews Joomla Component
CVE-2015-7343 Reflected Cross-Site Scripting in JNews Joomla Component
CVE-2015-7339 Bypass File Upload Restriction in JCE Joomla Component
CVE-2015-7344 Cross-Site Scripting in HikaShop Joomla Component
CVE-2015-7349 - Reflected cross-site scripting vulnerability in DIGIPASS authentication for Citrix Web Interface
CVE-2015-3784 Apple iOS Office Viewer XXE vulnerability
CVE-2014-4925 HTML injection in Good For Enterprise Android
CVE-2014-1635 Belkin N750 Buffer Overflow
CVE-2014-1634 - SQL Injection in Advanced Newsletter Magento extension
CVE-2013-3319 - SAP Host Agent Information Disclosure

Latest Advisories

CVE-2021-31858 Stored Cross-Site Scripting in DotNetNuke
CVE-2021-42567 Apereo CAS through 6.4.1 allows XSS via POST requests sent to the REST API endpoints.
CVE-2021-44263 Cross-Site Scripting in Gurock TestRail
CVE-2021-41844 Open Redirect in JetEngine Wordpress Plugin
CVE-2021-38607 Stored Cross-Site Scripting in JetEngine Wordpress Plugin

Latest Articles

The Curious Case of Apple iOS IKEv2 VPN On Demand
Gmail Android app insecure Network Security Configuration.
Reviewing Android Webviews fileAccess attack vectors.
Droidstat-X, Android Applications Security Analyser Xmind Generator
Uber Hacking: How we found out who you are, where you are and where you went!

© 2022 Integrity Part of Devoteam. All rights reserved.