NOTIZIE & EVENTI

SERVIZI

Il Thesaurus offre una rappresentazione della conoscenza di un insieme di termini relativi alla Cybersecurity,...

Il servizio offre una piattaforma che consente ai Registrar di verificare eventuali problemi di performance e sicurezza...

Il servizio si prefigge di individuare comportamenti tipici dei ransomware quali, ad esempio, la cifratura di una...

Il servizio offre uno strumento semplice e rapido per l'autovalutazione per il calcolo del rischio cibernetico. Il...

ULTIMI CVE

Published Description
CVE-2018-17062
16-09-2018 13:29:00
An issue was discovered in SeaCMS 6.64. XSS exists in admin_video.php via the action, area, type, yuyan, jqtype, v_isunion, v_recycled, v_ismoney, or v_ispsd parameter.
CVE-2018-16459
06-09-2018 09:29:00
An unescaped payload in exceljs <v1.6 allows a possible XSS via cell value when worksheet is displayed in browser.
CVE-2018-1000673
06-09-2018 08:29:00
WordPress version 4.9.8 and earlier contains a CWE-20 Input Validation vulnerability in thumbnail processing that can result in remote code execution due to an incomplete fix for CVE-2017-1000600. This attack appears to be exploitable via thumbnail upload by an authenticated user and may require additional plugins in order to be exploited however this has not been confirmed at this time.
CVE-2017-1000600
06-09-2018 08:29:00
WordPress version <4.9 contains a CWE-20 Input Validation vulnerability in thumbnail processing that can result in remote code execution. This attack appears to be exploitable via thumbnail upload by an authenticated user and may require additional plugins in order to be exploited however this has not been confirmed at this time. This issue appears to have been partially, but not completely fixed in WordPress 4.9
CVE-2018-16551
05-09-2018 18:29:00
LavaLite 5.5 has XSS via a /edit URI, as demonstrated by client/job/job/Zy8PWBekrJ/edit.

Pages