Lucene search
+L

220 matches found

CVE
CVE
added 2018/07/23 7:0 p.m.119 views

CVE-2018-1999007

CVE-2018-1999007 is a cross-site scripting vulnerability in Jenkins up to version 2.132 (and 2.121.1 and earlier for some components) involving the Stapler web framework. When Stapler debug mode is enabled, error/404 pages could display unescaped URL parts, allowing an attacker who can influence ...

5.4CVSS6.2AI score0.00894EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2018/06/05 6:29 a.m.25 views

CVE-2017-18286

nZEDb v0.7.3.3 has XSS in the 404 error page...

5.4CVSS5.3AI score0.0074EPSS
Exploits1References1
Prion
Prion
added 2018/06/05 6:29 a.m.22 views

Cross site scripting

nZEDb v0.7.3.3 has XSS in the 404 error page...

3.5CVSS5.2AI score0.0074EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2018/06/05 6:29 a.m.18 views

CVE-2017-18286

nZEDb v0.7.3.3 has XSS in the 404 error page...

5.4CVSS5.5AI score
Exploits0References1
CVE
CVE
added 2018/06/05 6:0 a.m.54 views

CVE-2017-18286

CVE-2017-18286 affects nZEDb v0.7.3.3, with a Cross‑Site Scripting (XSS) flaw on the 404 error page caused by inadequate input filtering in the 404 page rendering. This can allow an attacker to inject arbitrary script in the victim’s browser through the URL. Several sources corroborate the XSS is...

5.4CVSS5.2AI score0.0074EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2018/06/05 6:0 a.m.25 views

CVE-2017-18286

nZEDb v0.7.3.3 has XSS in the 404 error page...

5.2AI score0.0074EPSS
Exploits1References1
CNVD
CNVD
added 2018/06/05 12:0 a.m.4 views

nZEDb Cross-Site Scripting Vulnerability

nZEDb is a set of open source usenet news network indexer , it provides a Web-based front-end , support for searching , browsing usenet . A cross-site scripting vulnerability exists in the 404 error page in version 0.7.3.3 of nZEDb, which stems from the program failing to adequately filter input....

5.4CVSS6.2AI score0.0074EPSS
Exploits1References1
Citrix
Citrix
added 2018/06/01 12:0 a.m.10 views

Error: "404 - File or directory not found" when launching new stores created on StoreFront

New stores created on StoreFront are showing error: "404 - File or directory not found" at launch. Old stores can be launched properly...

7.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/05/11 12:0 a.m.47 views

openSUSE Security Update : php7 (openSUSE-2018-441)

This update for php7 fixes the following issues : Security issues fixed : - CVE-2018-10545: Fix access controls in FPM child processes bsc1091367. - CVE-2018-10547: Fix Reflected XSS on the PHAR 403 and 404 error pages bsc1091362. - CVE-2018-10546: Fix an infinite loop exists in ext/iconv/iconv.c...

7.5CVSS6.2AI score0.10433EPSS
Exploits0References8
CNVD
CNVD
added 2018/05/02 12:0 a.m.4 views

PHP ext/phar/phar_object.c file suffers from a reflected cross-site scripting vulnerability

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. A...

6.1CVSS6.8AI score0.79949EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2018/04/29 12:0 a.m.48 views

CVE-2018-10547

An issue was discovered in ext/phar/pharobject.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. There is Reflected XSS on the PHAR 403 and 404 error pages via request data of a request for a .phar file. NOTE: this vulnerability exists because of an...

6.1CVSS6.9AI score0.0363EPSS
Exploits0References5
Ubuntu
Ubuntu
added 2018/03/19 11:53 a.m.130 views

USN-3600-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled certain stream metadata. A remote attacker could possibly use this issue to set arbitrary metadata. This issue only affected Ubuntu 14.04 LTS. CVE-2016-10712 It was discovered that PHP incorrectly handled the PHAR 404 error page. A remote attacker...

9.8CVSS8AI score0.87606EPSS
Exploits4
Openbugbounty
Openbugbounty
added 2018/03/12 10:9 a.m.16 views

igi-global.com XSS vulnerability

Open Bug Bounty ID: OBB-578793 Description| Value ---|--- Affected Website:| igi-global.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
Ubuntu
Ubuntu
added 2018/02/12 3:29 p.m.117 views

USN-3566-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled the PHAR 404 error page. A remote attacker could possibly use this issue to conduct cross-site scripting XSS attacks. CVE-2018-5712 It was discovered that PHP incorrectly handled memory when unserializing certain data. A remote attacker could use thi...

9.8CVSS7.2AI score0.79949EPSS
Exploits2
CNVD
CNVD
added 2018/01/18 12:0 a.m.3 views

PHP cross-site scripting vulnerability (CNVD-2018-03157)

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. A...

6.1CVSS6.6AI score0.79949EPSS
Exploits0References1
OSV
OSV
added 2018/01/16 9:29 a.m.23 views

CVE-2018-5712

An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file...

6.1CVSS7.2AI score
Exploits0References13
AlpineLinux
AlpineLinux
added 2018/01/16 9:0 a.m.48 views

CVE-2018-5712

An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file...

6.1CVSS7.5AI score0.79949EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2018/01/16 12:0 a.m.31 views

CVE-2018-5712

An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file...

6.1CVSS6.9AI score0.79949EPSS
Exploits0References6
Hacker One
Hacker One
added 2017/08/05 3:47 p.m.25 views

ownCloud: This is not the security issue.

Here a subdomain path: https://apps.owncloud.com/ a strange thing in this domain is that a new user can not create account but he can login in. On that path:- https://apps.owncloud.com/usermanager/new.php In this path registration file has been removed or something and saying 404 error. I mean wh...

0.6AI score
Exploits0
Hacker One
Hacker One
added 2017/02/09 6:11 p.m.57 views

Informatica: [wave.informatica.com]- Subdomain missconfiguration

One of your subdomain https://wave.informatica.com has a CNAME record that resolved to ghs.google.com and shows 404 error when navigating to subdomain. You should remove CNAME entry for that subdomain pointing towards ghs.google.com. Although I couldnt verify the domain ownership process to fully...

7AI score
Exploits0
Rows per page
Query Builder