NVD – CVE-2018-15641
CVE-2018-15641 Detail Current Description Cross-site scripting (XSS) issue in web module in Odoo Community 11.0 through 14.0 and Odoo Enterprise 11.0 through 14.0, allows remote authenticated internal users to inject…
Security Information and News
CVE-2018-15641 Detail Current Description Cross-site scripting (XSS) issue in web module in Odoo Community 11.0 through 14.0 and Odoo Enterprise 11.0 through 14.0, allows remote authenticated internal users to inject…
CVE-2018-15638 Detail Current Description Cross-site scripting (XSS) issue in mail module in Odoo Community 13.0 and earlier and Odoo Enterprise 13.0 and earlier, allows remote attackers to inject arbitrary web…
CVE-2018-15634 Detail Current Description Cross-site scripting (XSS) issue in attachment management in Odoo Community 14.0 and earlier and Odoo Enterprise 14.0 and earlier, allows remote attackers to inject arbitrary web…
CVE-2018-15633 Detail Current Description Cross-site scripting (XSS) issue in “document” module in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier, allows remote attackers to inject arbitrary web…
CVE-2018-15632 Detail Current Description Improper input validation in database creation logic in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier, allows remote attackers to initialize an empty…
CVE-2019-14476 Detail Current Description AdRem NetCrunch 10.6.0.4587 has a Server-Side Request Forgery (SSRF) vulnerability in the NetCrunch server. Every user can trick the server into performing SMB requests to other…
References to Advisories, Solutions, and Tools By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information…
Current Description AdRem NetCrunch 10.6.0.4587 has a stored Cross-Site Scripting (XSS) vulnerability in the NetCrunch web client. The user’s input data is not properly encoded when being echoed back to…
CVE-2019-14479 Detail Current Description AdRem NetCrunch 10.6.0.4587 allows Remote Code Execution. In the NetCrunch web client, a read-only administrator can execute arbitrary code on the server running the NetCrunch server…
CVE-2019-14480 Detail Current Description AdRem NetCrunch 10.6.0.4587 has an Improper Session Handling vulnerability in the NetCrunch web client, which can lead to an authentication bypass or escalation of privileges. View…