CVE-2019-13489
CRITICAL
9.8
CVSS Severity Score
Vulnerability Description
Trape through 2019-05-08 has SQL injection via the data[2] variable in core/db.py, as demonstrated by the /bs t parameter.
Affected Platforms (CPE)
📦
Trape Project
CVEブラウザに戻る
関連する脆弱性情報
CVE-2017-177139.8
Trape before 2017-11-05 has SQL injection via the /nr red parameter, the /nr vId parameter, the /register User-Agent HTTP header, ...
CVE-2017-177146.1
Trape before 2017-11-05 has XSS via the /nr red parameter, the /nr vId parameter, the /register User-Agent HTTP header, the /regis...
CVE-2019-134886.1
A cross-site scripting (XSS) vulnerability in static/js/trape.js in Trape through 2019-05-08 allows remote attackers to inject arb...
CVE-2019-002010.0
Juniper ATP ships with hard coded credentials in the Web Collector instance which gives an attacker the ability to take full contr...