Lumu to Emerge from Stealth at RSAC

Enterprise Vulnerabilities
From DHS/US-CERT’s National Vulnerability Database

CVE-2018-16994
PUBLISHED: 2020-02-18

An issue was discovered on PHOENIX CONTACT AXL F BK PN <= 1.0.4, AXL F BK ETH <= 1.12, and AXL F BK ETH XC <= 1.11 devices. Incorrect handling of a request with non-standard symbols allows remote attackers to initiate a complete lock up of the bus coupler. Authentication of the request is no…

CVE-2020-7796
PUBLISHED: 2020-02-18

Zimbra Collaboration Suite (ZCS) before 8.8.15 Patch 7 allows SSRF when WebEx zimlet is installed and zimlet JSP is enabled.

CVE-2020-8633
PUBLISHED: 2020-02-18

An issue was discovered in Zimbra Collaboration Suite (ZCS) before 8.8.15 Patch 7. When grantors revoked a shared calendar in Outlook, the calendar stayed mounted and accessible.

CVE-2020-9268
PUBLISHED: 2020-02-18

SOPlanning 1.45 is vulnerable to SQL Injection in the OrderBy clause, as demonstrated by the projets.php?order=nom_createur&by= substring.

CVE-2020-9269
PUBLISHED: 2020-02-18

SOPlanning 1.45 is vulnerable to authenticated SQL Injection that leads to command execution via the users parameter, as demonstrated by export_ical.php.
