NVD List

Id Name Description Reject CVSS Version CVSS Score Severity Pub Date Modified Date Actions
86635  CVE-2017-7314  An issue was discovered in Personify360 e-Business 7.5.2 through 7.6.1. When going to the /TabId/275 URI, while creating a new role, a list of database tables and their columns is available.    Medium  2017-06-17  2017-06-14  View
86634  CVE-2017-7313  An issue was discovered in Personify360 e-Business 7.5.2 through 7.6.1. When going to the /TabId/275 URI, it is possible to read any customer name, master Customer Id, and email address. In other words, anyone can search for users/customers in the system - no authentication is required.    Medium  2017-06-17  2017-06-14  View
86633  CVE-2017-7312  An issue was discovered in Personify360 e-Business 7.5.2 through 7.6.1. When going to the /TabId/275 URI, anyone can add a vendor account or read existing vendor account data (including usernames and passwords).    7.5  High  2017-06-17  2017-06-14  View
84061  CVE-2017-7310  A buffer overflow vulnerability in Import Command in Sync Breeze Enterprise Client 9.5.16, Disk Sorter Enterprise Client 9.5.12, and DiskBoss Enterprise Client 7.8.16 allows attackers to execute arbitrary code via a crafted XML file containing a long name attribute of a classify element.    6.8  Medium  2017-04-27  2017-04-03  View
84795  CVE-2017-7309  A cross-site scripting (XSS) vulnerability in the MantisBT Configuration Report page (adm_config_report.php) allows remote attackers to inject arbitrary code (if CSP settings permit it) through a crafted 'config_option' parameter. This is fixed in 1.3.9, 2.1.3, and 2.2.3.    3.5  Low  2017-07-18  2017-07-11  View

Page 280 of 17672, showing 5 records out of 88360 total, starting on record 1396, ending on 1400

Actions