CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

NVD•added 2018/04/05 1:29 p.m.•9 views

CVE-2018-1000152

An improper authorization vulnerability exists in Jenkins vSphere Plugin 2.16 and older in Clone.java, CloudSelectorParameter.java, ConvertToTemplate.java, ConvertToVm.java, Delete.java, DeleteSnapshot.java, Deploy.java, ExposeGuestInfo.java, FolderVSphereCloudProperty.java, PowerOff.java,...

6.5CVSS6.4AI score0.00058EPSS

Exploits0References1

CVE•added 2018/04/05 1:0 p.m.•62 views

CVE-2018-1000152

CVE-2018-1000152 affects Jenkins with the vSphere Plugin (2.16 and older). The vulnerability is an improper authorization issue in multiple vSphere-related UI actions (form validation) that can cause the plugin to send numerous requests to a configured vSphere server, potentially leading to denia...

6.5CVSS6.3AI score0.00058EPSS

Exploits0References1Affected Software1

CVE•added 2017/11/03 6:0 p.m.•50 views

CVE-2017-1000152

CVE-2017-1000152 affects Mahara 15.04 prior to 15.04.7 and 15.10 prior to 15.10.3 when running PHP 5.3. The issue allows one user to be logged in as another on a separate computer because the same session ID is served. Root cause: duplicate/session response handling leads to cross-user session ex...

9.8CVSS9.4AI score0.00344EPSS

Exploits0References1Affected Software1

NVD•added 2016/10/10 8:59 p.m.•12 views

CVE-2016-1000152

Reflected XSS in wordpress plugin tidio-form v1.0...

6.1CVSS6AI score0.06492EPSS

Exploits2References3

CVE•added 2016/10/10 8:0 p.m.•64 views

CVE-2016-1000152

WordPress plugin tidio-form 1.0 as indicated by the connected documents. If available, refer to the NVD/Nuclei entries for details on affected paths and proof-of-concept payloads.

6.1CVSS5.9AI score0.06492EPSS

Exploits2References3Affected Software1