Show filters
200 Total Results
Displaying 81-90 of 200
Sort by:
Attacker Value
Unknown

CVE-2019-14518

Disclosure Date: August 15, 2019 (last updated November 08, 2023)
Evolution CMS 2.0.x allows XSS via a description and new category location in a template. NOTE: the vendor states that the behavior is consistent with the "access policy in the administration panel.
0
Attacker Value
Unknown

CVE-2019-3890

Disclosure Date: August 01, 2019 (last updated November 27, 2024)
It was discovered evolution-ews before 3.31.3 does not check the validity of SSL certificates. An attacker could abuse this flaw to get confidential information by tricking the user into connecting to a fake server without the user noticing the difference.
0
Attacker Value
Unknown

CVE-2019-1010123

Disclosure Date: July 23, 2019 (last updated November 27, 2024)
MODX Revolution Gallery 1.7.0 is affected by: CWE-434: Unrestricted Upload of File with Dangerous Type. The impact is: Creating file with custom a filename and content. The component is: Filtering user parameters before passing them into phpthumb class. The attack vector is: web request via /assets/components/gallery/connector.php.
0
Attacker Value
Unknown

CVE-2016-8901

Disclosure Date: May 23, 2019 (last updated November 27, 2024)
b2evolution 6.7.6 suffer from an Object Injection vulnerability in /htsrv/call_plugin.php.
0
Attacker Value
Unknown

CVE-2018-15587

Disclosure Date: February 11, 2019 (last updated November 27, 2024)
GNOME Evolution through 3.28.2 is prone to OpenPGP signatures being spoofed for arbitrary messages using a specially crafted email that contains a valid signature from the entity to be impersonated as an attachment.
0
Attacker Value
Unknown

CVE-2018-20757

Disclosure Date: February 06, 2019 (last updated November 27, 2024)
MODX Revolution through v2.7.0-pl allows XSS via an extended user field such as Container name or Attribute name.
0
Attacker Value
Unknown

CVE-2018-20758

Disclosure Date: February 06, 2019 (last updated November 27, 2024)
MODX Revolution through v2.7.0-pl allows XSS via User Settings such as Description.
Attacker Value
Unknown

CVE-2018-20755

Disclosure Date: February 06, 2019 (last updated November 27, 2024)
MODX Revolution through v2.7.0-pl allows XSS via the User Photo field.
0
Attacker Value
Unknown

CVE-2018-20756

Disclosure Date: February 06, 2019 (last updated November 27, 2024)
MODX Revolution through v2.7.0-pl allows XSS via a document resource (such as pagetitle), which is mishandled during an Update action, a Quick Edit action, or the viewing of manager logs.
0
Attacker Value
Unknown

CVE-2018-16637

Disclosure Date: December 28, 2018 (last updated November 27, 2024)
Evolution CMS 1.4.x allows XSS via the page weblink title parameter to the manager/ URI.
0