Results for

Benjamin Kunz Mejri

10
HIGH
CVE-2015-8051

The Adobe Premiere Clip app before 1.2.1 for iOS mishandles unspecified input, which has unknown impact and attack vectors.

4.3
MEDIUM
CVE-2012-4739

Multiple cross-site scripting (XSS) vulnerabilities in Barracuda SSL VPN before 2.2.2.203 (2012-07-05) allow remote attackers to inject arbitrary web script or HTML via the (1) policyLaunching, (2) resourcePrefix, or (3) actionPath parameter in showUserResourceCategories.do; (4) ...

BarracudanetworksBarracuda Ssl Vpn
6
MEDIUM
CVE-2011-5050

SQL injection vulnerability in corporate/Controller in Elitecore Technologies Cyberoam UTM before 10.01.2 build 059 allows remote authenticated administrators to execute arbitrary SQL commands via the tableid parameter. NOTE: some of these details are obtained from third party i...

7.5
HIGH
CVE-2012-1226

Multiple directory traversal vulnerabilities in Dolibarr CMS 3.2.0 Alpha allow remote attackers to read arbitrary files and possibly execute arbitrary code via a .. (dot dot) in the (1) file parameter to document.php or (2) backtopage parameter in a create action to comm/action/f...

DolibarrDolibarr
7.5
HIGH
CVE-2012-1225

Multiple SQL injection vulnerabilities in Dolibarr CMS 3.2.0 Alpha and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) memberslist parameter (aka Member List) in list.php or (2) rowid parameter to adherents/fiche.php.

DolibarrDolibarr
4.3
MEDIUM
CVE-2016-7851

Adobe Connect version 9.5.6 and earlier does not adequately validate input in the events registration module. This vulnerability could be exploited in cross-site scripting attacks.

AdobeConnect
4.3
MEDIUM
CVE-2017-15374

Shopware v5.2.5 - v5.3 is vulnerable to cross site scripting in the customer and order section of the content management system backend modules. Remote attackers are able to inject malicious script code into the firstname, lastname, or order input fields to provoke persistent exe...

ShopwareShopware
4.3
MEDIUM
CVE-2016-6186

Cross-site scripting (XSS) vulnerability in the dismissChangeRelatedObjectPopup function in contrib/admin/static/admin/js/admin/RelatedObjectLookups.js in Django before 1.8.14, 1.9.x before 1.9.8, and 1.10.x before 1.10rc1 allows remote attackers to inject arbitrary web script or...

7.2
HIGH
CVE-2018-5282

** DISPUTED ** Kentico 9.0 through 11.0 has a stack-based buffer overflow via the SqlName, SqlPswd, Database, UserName, or Password field in a SilentInstall XML document. NOTE: the vendor disputes this issue because neither a buffer overflow nor a crash can be reproduced; also, r...