Security Advisory 2303-01
Trovent Security GmbH discovered that the Eramba web application allows remote code execution for authenticated users.
Security Advisory 2203-01
Trovent Security GmbH discovered that the GroupWise web application transmits the session ID in HTTP GET requests in the URL when email content is accessed.
Security Advisory 2109-01
Trovent Security GmbH discovered an SQL injection vulnerability in the search function of the calendar module.
Security Advisory 2105-02
Trovent Security GmbH discovered that the Dolibarr application does not escape "greater than" and "smaller than" characters if they are reflected in one of the small pop-up windows with details of the object.
Security Advisory 2010-01
Trovent Security GmbH discovered an email address enumeration vulnerability in the password reset function of the chat application Rocket.Chat. This vulnerability lets an unauthorized user enumerate registered email addresses on the instance of Rocket.Chat.
KHZG: Das Upgrade für Ihre IT-Sicherheit 2021
Nutzen Sie das Krankenhauszukunftsgesetz, um Ihre IT-Sicherheit einem Upgrade in 2021 zu unterziehen!
Security Advisory 2004-01
Trovent Security GmbH discovered an SQL injection vulnerability in a web application of Hepstar. An attacker is able to execute SQL commands without authentication. It is possible to read data from all tables of the database.