Show filters
8 Total Results
Displaying 1-8 of 8
Sort by:
Attacker Value
Unknown
CVE-2017-15608
Disclosure Date: September 26, 2018 (last updated November 27, 2024)
Inedo ProGet before 5.0 Beta5 has CSRF, allowing an attacker to change advanced settings.
0
Attacker Value
Unknown
CVE-2017-15607
Disclosure Date: December 01, 2017 (last updated November 26, 2024)
Inedo Otter before 1.7.4 has directory traversal in filesystem-based rafts via vectors involving '/' characters or initial '.' characters, aka OT-181.
0
Attacker Value
Unknown
CVE-2017-17086
Disclosure Date: December 01, 2017 (last updated November 26, 2024)
Indeo Otter through 1.7.4 mishandles a "</script>" substring in an initial DP payload, which allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact, as demonstrated by the Plan Editor.
0
Attacker Value
Unknown
CVE-2017-16520
Disclosure Date: November 11, 2017 (last updated November 26, 2024)
Inedo BuildMaster before 5.8.2 does not properly restrict creation of RequireManageAllPrivileges event listeners.
0
Attacker Value
Unknown
CVE-2017-16761
Disclosure Date: November 10, 2017 (last updated November 26, 2024)
An Open Redirect vulnerability in Inedo BuildMaster before 5.8.2 allows remote attackers to redirect users to arbitrary web sites.
0
Attacker Value
Unknown
CVE-2017-16521
Disclosure Date: November 10, 2017 (last updated November 26, 2024)
In Inedo BuildMaster before 5.8.2, XslTransform was used where XslCompiledTransform should have been used.
0
Attacker Value
Unknown
CVE-2017-16760
Disclosure Date: November 10, 2017 (last updated November 26, 2024)
Inedo BuildMaster before 5.8.2 has XSS.
0
Attacker Value
Unknown
CVE-2017-14944
Disclosure Date: September 30, 2017 (last updated November 26, 2024)
Inedo ProGet before 4.7.14 does not properly address dangerous package IDs during package addition, aka PG-1060.
0
