CVE-2020-19274

A Cross Site Scripting (XSS) vulnerability exists in Dhcms 2017-09-18 in guestbook via the message board, which could let a remote malicious user execute arbitrary code.
Source: NIST

CVE-2021-30214

Knowage Suite 7.3 is vulnerable to Stored Client-Side Template Injection in ‘/knowage/restful-services/signup/update’ via the ‘name’ parameter.
Source: NIST

CVE-2021-30213

Knowage Suite 7.3 is vulnerable to unauthenticated reflected cross-site scripting (XSS). An attacker can inject arbitrary web script in ‘/servlet/AdapterHTTP’ via the ‘targetService’ parameter.
Source: NIST

CVE-2021-30211

Knowage Suite 7.3 is vulnerable to Stored Cross-Site Scripting (XSS). An attacker can inject arbitrary web script in ‘/knowage/restful-services/signup/update’ via the ‘surname’ parameter.
Source: NIST

CVE-2021-30212

Knowage Suite 7.3 is vulnerable to Stored Cross-Site Scripting (XSS). An attacker can inject arbitrary web script in ‘/knowage/restful-services/documentnotes/saveNote’ via the ‘nota’ parameter.
Source: NIST

Hashes, Salts, and Rainbow Tables: Confessions of a Password Cracker

Understanding a few basics about how password crackers think and behave could help you keep your users safer.
Source: DarkReading

CVE-2021-32572

Speco Web Viewer through 2021-05-12 allows Directory Traversal via GET request for a URI with /.. at the beginning, as demonstrated by reading the /etc/passwd file.
Source: NIST

CVE-2021-32611

A NULL pointer dereference vulnerability exists in eXcall_api.c in Antisip eXosip2 through 5.2.0 when handling certain 3xx redirect responses.
Source: NIST

CVE-2020-23790

An Arbitrary File Upload vulnerability was discovered in the Golo Laravel theme v 1.1.5.
Source: NIST

Cybersecurity: What Is Truly Essential?

In an effort to protect their organizations, security professionals can overdo it. The result often works against them.
Source: DarkReading