Lucene search
+L

117 matches found

OSV
OSV
added 2013/06/18 12:0 a.m.38 views

DSA-2710-1 xml-security-c - several

Bulletin has no description...

7.5CVSS5.9AI score0.08402EPSS
Exploits2
OpenVAS
OpenVAS
added 2013/06/17 12:0 a.m.18 views

Debian: Security Advisory (DSA-2710-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.6AI score0.08402EPSS
Exploits2References3
Debian CVE
Debian CVE
added 2012/10/01 12:0 a.m.45 views

CVE-2012-2153

Removed by vendor...

4CVSS6.7AI score0.01881EPSS
Exploits0
CVE
CVE
added 2012/10/01 12:0 a.m.118 views

CVE-2012-2153

CVE-2012-2153 affects Drupal 7.x prior to 7.14. The issue is an improper restriction of access to nodes in a list when using a contributed node access module, allowing remote authenticated users with the “Access the content overview page” permission to read all published nodes via the admin/conte...

4CVSS6AI score0.01881EPSS
Exploits0References7Affected Software1
Drupal
Drupal
added 2012/05/02 12:0 a.m.677 views

SA-CORE-2012-002 - Drupal core multiple vulnerabilities

Denial of Service CVE: CVE-2012-1588 Drupal core's text filtering system provides several features including removing inappropriate HTML tags and automatically linking content that appears to be a link. A pattern in Drupal's text matching was found to be inefficient with certain specially crafted...

5.8CVSS5.8AI score0.02401EPSS
Exploits3References23
NVD
NVD
added 2011/05/20 10:55 p.m.23 views

CVE-2011-2153

Login.aspx in the SmarterTools SmarterStats 6.0 web server supports URLs containing txtUser and txtPass parameters in the query string, which makes it easier for context-dependent attackers to discover credentials by reading 1 web-server access logs, 2 web-server Referer logs, or 3 the browser...

5CVSS6.5AI score0.02014EPSS
Exploits0References4
CVE
CVE
added 2011/05/20 10:0 p.m.49 views

CVE-2011-2153

CVE-2011-2153 affects SmarterTools SmarterStats 6.0 Web server. The vulnerability arises from Login.aspx accepting txtUser/txtPass in the query string, enabling context-dependent attackers to discover credentials by reading server access logs, Referer logs, or browser history (cross-domain Refere...

5CVSS6.7AI score0.02014EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2011/01/31 12:0 a.m.268 views

Debian DSA-2153-1 : linux-2.6 - privilege escalation/denial of service/information leak

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2010-0435 Gleb Napatov reported an issue in the KVM subsystem...

7.8CVSS6.4AI score0.03521EPSS
Exploits21References41
CVE
CVE
added 2010/06/03 4:0 p.m.44 views

CVE-2010-2153

Affected software: TCExam (versions 10.1.006 and 10.1.007). Vulnerable component: admin/code/tce_functions_tcecode_editor.php. Root cause / vulnerability type: Unrestricted file upload allowing an uploaded file with an executable extension to be stored and then accessed via a direct request to th...

6.8CVSS7.9AI score0.07472EPSS
Exploits1References6Affected Software1
Circl
Circl
added 2010/06/02 12:0 a.m.6 views

CVE-2010-2153

creationtimestamp| type| source ---|---|--- 2010-06-02 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/34073...

6.8CVSS5.8AI score0.07472EPSS
Exploits1References1
CVE
CVE
added 2009/06/22 2:0 p.m.42 views

CVE-2009-2153

CVE-2009-2153 affects Impleo Music Collection 2.0 (index.php). The vulnerability is a cross-site scripting (XSS) flaw in the sort parameter, enabling remote attackers to inject arbitrary web script or HTML. No further root-cause details are provided beyond the description; exploitation details ar...

4.3CVSS5.9AI score0.01255EPSS
Exploits0References1Affected Software1
Circl
Circl
added 2009/06/15 12:0 a.m.7 views

CVE-2009-2153

creationtimestamp| type| source ---|---|--- 2009-06-15 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/8947...

4.3CVSS5.8AI score0.01255EPSS
Exploits0References1
CVE
CVE
added 2007/04/19 10:0 a.m.46 views

CVE-2007-2153

CVE-2007-2153 is a cross-site scripting (XSS) vulnerability in the atmail.php component of @Mail 5.0. The issue allows remote attackers to inject arbitrary web script or HTML via the username parameter. The CVSS v2 base score is 6.8 (Medium) with network attack vector, no authentication, and part...

6.8CVSS5.7AI score0.01183EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2006/05/03 10:0 a.m.41 views

CVE-2006-2153

CVE-2006-2153 describes a cross-site scripting (XSS) vulnerability in DirectAdmin Hosting Management, specifically in the HTM_PASSWD component. The vulnerability allows remote attackers to inject arbitrary web script or HTML via the domain parameter. This is the explicit vulnerability described i...

4.3CVSS5.7AI score0.0118EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2005/11/16 9:17 p.m.60 views

CVE-2002-2153

The vulnerability CVE-2002-2153 is a format string flaw in the PL/SQL module’s administrative pages of Oracle Application Server 4.0.8 (and 4.0.8 2). The underlying issue is a format string vulnerability that allows remote attackers to execute arbitrary code. The affected component is the PL/SQL ...

7.5CVSS9.5AI score0.0735EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2005/07/06 4:0 a.m.114 views

CVE-2005-2153

CVE-2005-2153 affects osTicket 1.3.1 beta and earlier, where a vulnerability in the PHP file class.ticket.php allows a remote attacker to inject SQL via the ticket variable, enabling arbitrary SQL commands. This is a classic SQL injection flaw that can impact data integrity and confidentiality. T...

7.5CVSS8.4AI score0.01332EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2005/07/01 4:0 a.m.50 views

CVE-2004-2153

Technical details for CVE-2004-2153 are not publicly provided in the supplied documents. No specifics on affected product/version, root cause, impact, or remediation are available here; monitor for updates.

10CVSS7.2AI score0.01703EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder