Common Vulnerabilities and Exposures

XML External Entity (XXE) injection in JOC Cockpit/Jobscheduler allows reading server files and SSRF

Denial of service in JOC Cockpit/Jobscheduler allows attackers to crash the job scheduling service

Multiple stored cross-site scripting vulnerabilities in JOC Cockpit/Jobscheduler allow persistent script injection

Iniekcja SQL w F5 BIG-IP AFM (Advanced Firewall Manager) umożliwia ataki na bazę danych urządzenia bezpieczeństwa

TMOS Shell privilege escalation in F5 BIG-IP allows users to gain elevated privileges

Authenticated directory traversal and LFI in Observium via additional vulnerable path

Cross-site scripting in Observium via additional vulnerable parameter

SQL injection in Observium via another injection point allows database attacks

Cross-site scripting in Observium via different vulnerable functionality

Authenticated directory traversal and LFI in Observium via separate endpoint

Authenticated directory traversal and LFI in Observium allows server file access

SQL injection in Observium via additional vulnerable parameter allows database manipulation

Cross-site request forgery in Observium allows attackers to perform actions on behalf of authenticated users

Cross-site scripting in Observium via additional vulnerable input

Cross-site scripting in Observium via different request parameter