[Bug 1824079] CVE-2019-13967 itop: dos via many requests to launch a compile operation

Author:



A vulnerability was found in iTop 2.2.0 through 2.6.0 allows remote attackers to cause a denial of service (application outage) via many requests to launch a compile operation. The requests use the pages/exec.php?exec_env=production&exec_module=itop-hub-connector&exec_page=ajax.php&operation=compile URI.



Source link

You must be logged in to post a comment.

RELATED STORIES
Category Applications

Razer Chroma SDK Server 3.16.02 – Race Condition Remote File Execution

November 26, 2020
Exploit Title: Razer Chroma SDK Server 3.16.02 - Race Condition Remote File Execution Date: 2020-08-13 ...
Read More
Category Applications

Remote code execution in Fuji Electric V-Server Lite

November 25, 2020
This security advisory describes one high risk vulnerability. 1) Out-of-bounds write Risk: High CVSSv3: 7.7...
Read More
Category Applications

Sutro Biopharma to Host a Virtual KOL Event to Provide Clinical Update on Antibody-Drug Conjugate STRO-002 in Ovarian Cancer

November 24, 2020
SOUTH SAN FRANCISCO, Calif., Nov. 24, 2020 /PRNewswire/ — Sutro Biopharma, Inc. (NASDAQ: STRO), a clinical-stage...
Read More
Category Applications

Path traversal in zenn-cli package for npm

November 23, 2020
This security advisory describes one medium risk vulnerability. 1) Path traversal Risk: Medium CVSSv3: 5.7...
Read More
Category Applications

Oracle WebLogic Server Administration Console Handle Remote Code Execution

November 22, 2020
## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule...
Read More
Category Applications

CVE-2020-28333 Barco wePresent Authentication Bypass – CXSecurity.com-漏洞情报、漏洞详情、安全漏洞、CVE

November 21, 2020
KL-001-2020-006 : Barco wePresent Authentication Bypass Title: Barco wePresent Authentication Bypass Advisory ID: KL-001-2020-006 Publication...
Read More
Category Applications

HomePod has been jailbroken with checkra1n

November 20, 2020
The Apple HomePod has finally been jailbroken with checkra1n jailbreak. Here’s all you need to...
Read More
Category Applications

OS Command Injection in Cisco Secure Web Appliance

November 19, 2020
This security advisory describes one low risk vulnerability. 1) OS Command Injection Risk: Low CVSSv3:...
Read More
Category Applications

CVE-2020-28915 – Alert Detail – Security Database

November 18, 2020
Executive Summary This vulnerability is currently undergoing analysis and not all information is available. Please...
Read More
Category Applications

LCD_Service 1.0.1.0 – ‘LCD_Service’ Unquote Service Path

November 17, 2020
# Exploit Title: Huawei LCD_Service 1.0.1.0 - 'LCD_Service' Unquote Service Path # Date: 2020-11-07 #...
Read More
digitpol
scale
element-support
Call Center
+31 55 8448040
element-map
Location

Global

International Cyber Crime Investigation

Digitpol is licensed by the Ministry of Justice: Licence Number POB1557

©Digitpol. All images and content are copyright of Digitpol and can not be used, replicated or reproduced without written permission. 2019.

Privacy  /   Terms and Policy   /   Site map  /   Contact