Advisories | INTEGRITY Labs

Home
Articles
Advisories
Tools
VDP
About

Advisories

CVE-2021-31858 (To Be Disclosed)
CVE-2020-13990 (To Be Disclosed)
CVE-2020-13989 (To Be Disclosed)
CVE-2019-7558 (To Be Disclosed)
CVE-2019-7557 (To Be Disclosed)
CVE-2019-7556 (To Be Disclosed)
CVE-2021-42567 Apereo CAS through 6.4.1 allows XSS via POST requests sent to the REST API endpoints.
CVE-2021-44263 Cross-Site Scripting in Gurock TestRail
CVE-2021-41844 Open Redirect in JetEngine Wordpress Plugin
CVE-2021-38607 Stored Cross-Site Scripting in JetEngine Wordpress Plugin
CVE-2020-13639 - Outsystems ECT Provider Unauthenticated Cross-Site Scripting Stored
CVE-2019-5493 - Information Disclosure Vulnerability in Data ONTAP operating in 7-Mode
CVE-2021-29357 - Outsystems ECT Provider Server Side Request Forgery
CVE-2020-13963 - SOPlanning Authentication Bypass
CVE-2020-15934 - Privilege escalation vulnerability in FortiClient for Linux
CVE-2018-10377 - Insufficient Validation of Burp Collaborator Server Certificate
CVE-2017-9376 - ManageEngine ServiceDesk Plus Local File Inclusion
CVE-2017-9362 - ManageEngine ServiceDesk Plus XML External Entity via CMDB API
CVE-2017-10992 - HP Storage Essentials Remote Code Execution via Java deserialization
CVE-2016-10125 - DLink DGS-1100 switch static hard-coded TLS crypto keys in firmware
CVE-2016-3670 Stored Cross Site Scripting in Liferay CE
CVE-2016-4056 - Stored Cross-Site Scripting in TYPO3 Bookmarks
Insecure Direct Object Reference in OSTicket attachments
CVE-2015-7968 - SAP Netweaver Application Server XXE (SAP Security Note 2183189)
Google AOSP Email App HTML Injection
CVE-2015-7342 Multiple SQL Injection in JNews Joomla Component
CVE-2015-7340 SQL Injection in JEvents Joomla Component
CVE-2015-7338 SQL Injection in AcyMailing Joomla Component
CVE-2015-7341 Bypass File Upload Restriction in JNews Joomla Component
CVE-2015-7343 Reflected Cross-Site Scripting in JNews Joomla Component
CVE-2015-7339 Bypass File Upload Restriction in JCE Joomla Component
CVE-2015-7344 Cross-Site Scripting in HikaShop Joomla Component
CVE-2015-7349 - Reflected cross-site scripting vulnerability in DIGIPASS authentication for Citrix Web Interface
CVE-2015-3784 Apple iOS Office Viewer XXE vulnerability
CVE-2014-4925 HTML injection in Good For Enterprise Android
CVE-2014-1635 Belkin N750 Buffer Overflow
CVE-2014-1634 - SQL Injection in Advanced Newsletter Magento extension
CVE-2013-3319 - SAP Host Agent Information Disclosure

Latest Advisories

CVE-2021-42567 Apereo CAS through 6.4.1 allows XSS via POST requests sent to the REST API endpoints.
CVE-2021-44263 Cross-Site Scripting in Gurock TestRail
CVE-2021-41844 Open Redirect in JetEngine Wordpress Plugin
CVE-2021-38607 Stored Cross-Site Scripting in JetEngine Wordpress Plugin
CVE-2020-13639 - Outsystems ECT Provider Unauthenticated Cross-Site Scripting Stored

Latest Articles

The Curious Case of Apple iOS IKEv2 VPN On Demand
Gmail Android app insecure Network Security Configuration.
Reviewing Android Webviews fileAccess attack vectors.
Droidstat-X, Android Applications Security Analyser Xmind Generator
Uber Hacking: How we found out who you are, where you are and where you went!

© 2022 Integrity Part of Devoteam. All rights reserved.