
11 matches found

EUVD
added 2025/11/10 5:18 a.m., 2 views

EUVD-2025-42787

Malicious code in okta-peyek83-miaww npm...

AI score 6.6
Exploits: 0
RedhatCVE
added 2025/05/23 7:54 a.m., 9 views

CVE-2024-42787

A Stored Cross Site Scripting (XSS) vulnerability was found in "/music/ajax.php?action=saveplaylist" in Kashipara Music Management System v1.0. This vulnerability allows remote attackers to execute arbitrary code via the "title" and "description" parameter fields...

CVSS 6.1, AI score 6, EPSS 0.00488
Exploits: 1, References: 1
RedhatCVE
added 2025/05/23 2:1 a.m., 8 views

CVE-2023-42787

A client-side enforcement of server-side security (CWE-602) vulnerability in Fortinet FortiManager version 7.4.0 and before 7.2.3 and FortiAnalyzer version 7.4.0 and before 7.2.3 may allow a remote attacker with low privileges to access a privileged web console via client side code execution...

CVSS 6.5, AI score 7.2, EPSS 0.01372
Exploits: 1
Circl
added 2025/05/01 7:14 p.m., 5 views

CVE-2022-42787

creationtimestamp | type | source
---|---|---
2025-05-01 19:14:57+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/14374...

CVSS 8.8, AI score 8.1, EPSS 0.00734
Exploits: 0, References: 1
Circl
added 2024/08/26 5:59 p.m., 8 views

CVE-2024-42787

creationtimestamp | type | source
---|---|---
2024-08-26 17:59:17+00:00 | seen | https://t.me/cvedetector/4165...

CVSS 6.1, AI score 4.8, EPSS 0.00488
Exploits: 1, References: 1
CVE
added 2023/10/10 4:48 p.m., 59 views

CVE-2023-42787

Fortinet FortiManager (versions 7.4.0 and before 7.2.3) and FortiAnalyzer (versions 7.4.0 and before 7.2.3) are affected by a client-side enforcement of server-side security vulnerability (CWE-602) that could allow a remote attacker with low privileges to access a privileged web console via clien...

CVSS 6.5, AI score 6.7, EPSS 0.01372
Exploits: 1, References: 2, Affected Software: 2
Vulnrichment
added 2022/11/10 11:6 a.m., 4 views

CVE-2022-42787 Wiesemann & Theis: Small number space for allocating session id in Com-Server family

Multiple W&T products of the Comserver Series use a small number space for allocating session ids. After login of a user an unauthenticated remote attacker can brute force the user's session id and get access to his account on the device. As the user needs to log in for the attack to be...

CVSS 8.8, AI score 8.7, EPSS 0.00734
Exploits: 0, References: 1
CVE
added 2022/11/10 11:6 a.m., 56 views

CVE-2022-42787

Wiesemann & Theis Comserver Series (W&T Comserver) is affected by CVE-2022-42787 due to using a small number space for session IDs. After a user logs in, an unauthenticated remote attacker can brute-force a valid session ID to gain access to the user’s account on the device. User interaction is r...

CVSS 8.8, AI score 8.7, EPSS 0.00734
Exploits: 0, References: 1, Affected Software: 1
Circl
added 2022/03/10 8:13 p.m., 5 views

CVE-2021-42787

creationtimestamp | type | source
---|---|---
2022-03-10 20:13:11+00:00 | seen | https://t.me/cibsecurity/38666...

CVSS 9.8, AI score 8.7, EPSS 0.01277
Exploits: 0, References: 1
Cvelist
added 2022/03/09 4:51 p.m., 17 views

CVE-2021-42787 Directory Traversal Write/Delete/Partial Read at AgentConfigurationServlet

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's DSA AgentConfigurationServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/agent/configuration" API. The affected endpoint does not have any input validation of the user's input that allows a...

CVSS 9.4, AI score 9.7, EPSS 0.01277
Exploits: 0, References: 1
CVE
added 2022/03/09 4:51 p.m., 81 views

CVE-2021-42787

The CVE-2021-42787 entry concerns the SteelCentral AppInternals Dynamic Sampling Agent (DSA) AgentConfigurationServlet. The vulnerability is a directory traversal flaw in the API endpoint /api/appInternals/1.0/agent/configuration, caused by lack of input validation on user input, which could enab...

CVSS 9.8, AI score 9.7, EPSS 0.01277
Exploits: 0, References: 1, Affected Software: 1