Lucene search
K

109 matches found

NVD
NVD
added 2020/03/17 3:15 p.m.9 views

CVE-2019-20493

cPanel before 82.0.18 allows self-XSS because JSON string escaping is mishandled SEC-520...

6.1CVSS6.3AI score0.00744EPSS
Exploits0References1
Prion
Prion
added 2020/03/17 3:15 p.m.12 views

Design/Logic Flaw

cPanel before 82.0.18 allows self-XSS because JSON string escaping is mishandled SEC-520...

4.3CVSS6.3AI score0.00744EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/03/17 2:24 p.m.20 views

CVE-2019-20493

cPanel before 82.0.18 allows self-XSS because JSON string escaping is mishandled SEC-520...

6.3AI score0.00744EPSS
Exploits0References1
CVE
CVE
added 2020/03/17 2:24 p.m.70 views

CVE-2019-20493

CVE-2019-20493 affects cPanel prior to 82.0.18. The vulnerability is a self‑XSS caused by mishandled JSON string escaping (SEC-520). Exploitation would require user interaction and can originate from a network context, with a CVSS3.1 base score of 6.1 (MEDIUM) and CVSS2 score of 4.3 (MEDIUM) as d...

6.1CVSS6.3AI score0.00744EPSS
Exploits0References1Affected Software1
Openbugbounty
Openbugbounty
added 2020/02/03 12:15 p.m.10 views

harwinsglobal.com Improper Access Control vulnerability

Security Researcher error404 Helped patch 520 vulnerabilities Received 8 Coordinated Disclosure badges Received 20 recommendations , a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting harwinsglobal.com website and its users. Following...

0.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2020/01/05 2:16 p.m.10 views

trumaple.ca Cross Site Scripting vulnerability

Security Researcher error404 Helped patch 520 vulnerabilities Received 8 Coordinated Disclosure badges Received 20 recommendations , a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting trumaple.ca website and its users. Following coordinated a...

0.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/06/20 12:0 a.m.29 views

Debian DLA-520-1 : horizon security update

It was discovered that there was an XSS vulnerability in horizon, a Django module providing web interaction with OpenStack. For Debian 7 'Wheezy', this issue has been fixed in horizon version 2012.1.1-10+deb7u1. We recommend that you upgrade your horizon packages. NOTE: Tenable Network Security h...

5.4CVSS6.3AI score0.02068EPSS
Exploits0References3
Openbugbounty
Openbugbounty
added 2016/05/02 11:4 a.m.11 views

wunderground.com XSS vulnerability

Vulnerable URL: https://www.wunderground.com/blog/nationalsummary/weather-underground-national-forecast-for-friday-april-29%27%22%3E%3CScRiPt%20%3Eprompt%28/OPENBUGBOUNTY/%29%3C/ScRiPt%3E-2016 Details: Description| Value ---|--- Patched:| Yes, at 27.07.2017 Latest check for patch:| 27.07.2017 08:...

6.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/10/10 12:0 a.m.60 views

F5 Networks BIG-IP : SSH vulnerability (K13600)

A platform-specific remote access vulnerability has been discovered that may allow a remote user to gain privileged access to affected systems using secure shell SSH. The vulnerability is caused by a configuration error, and is not the result of an underlying SSH defect. The following platforms a...

5.6AI score
Exploits0References2
Cisco
Cisco
added 2013/10/07 6:25 p.m.49 views

Cisco NX-OS Software Routing Information Protocol Denial of Service Vulnerability

A vulnerability in the Routing Information Protocol RIP service engine of Cisco NX-OS Software could allow an unauthenticated, remote attacker to create a denial of service DoS condition by causing the RIP service engine to restart. The vulnerability is due to improper input filtering of RIP...

5CVSS1.9AI score0.02999EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2012/06/14 12:0 a.m.132 views

F5 BIG-IP remote root authentication bypass Vulnerability

A platform-specific remote root access vulnerability has been discovered that may allow a remote user to gain privileged access to affected systems using SSH. The vulnerability is caused by a publicly known SSH private key for the root user which is present on all vulnerable appliances. The...

7.8CVSS0.4AI score0.63078EPSS
Exploits15References2
NVD
NVD
added 2012/02/25 4:21 a.m.19 views

CVE-2012-0364

Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W-U and 540 series devices with firmware before 1.2.4 allow remote attackers to replace the configuration file via an upload request to an unspecified URL, aka Bug ID CSCtw55495...

7.8CVSS6.9AI score0.01203EPSS
Exploits0References2
NVD
NVD
added 2012/02/25 4:21 a.m.18 views

CVE-2012-0363

The web interface on Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W-U and 540 series devices with firmware before 1.2.4 allows remote authenticated users to execute arbitrary commands via unspecified vectors, related to a "command injection vulnerability," aka Bug ID...

9CVSS7.6AI score0.02198EPSS
Exploits0References2
NVD
NVD
added 2012/02/25 4:21 a.m.20 views

CVE-2012-0365

Directory traversal vulnerability in the Local TFTP file-upload application on Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W-U and 540 series devices with firmware before 1.2.4 allows remote authenticated users to upload software to arbitrary directories via unspecified...

9CVSS6.6AI score0.03241EPSS
Exploits0References2
Prion
Prion
added 2012/02/25 4:21 a.m.15 views

Command injection

The web interface on Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W-U and 540 series devices with firmware before 1.2.4 allows remote authenticated users to execute arbitrary commands via unspecified vectors, related to a "command injection vulnerability," aka Bug ID...

9CVSS8.1AI score0.02198EPSS
Exploits0References2Affected Software3
CVE
CVE
added 2012/02/25 2:0 a.m.47 views

CVE-2012-0363

Cisco SRP 500 Series Web Interface Command Injection (CVE-2012-0363) affects Cisco SRP 520/540 series devices with specific pre-update firmware. An authenticated user could cause the device to execute arbitrary OS commands via the web interface (command injection) as described in CSCtt46871. Affe...

9CVSS7.8AI score0.02198EPSS
Exploits0References2Affected Software4
Cvelist
Cvelist
added 2012/02/25 2:0 a.m.22 views

CVE-2012-0364

Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W-U and 540 series devices with firmware before 1.2.4 allow remote attackers to replace the configuration file via an upload request to an unspecified URL, aka Bug ID CSCtw55495...

6.9AI score0.01203EPSS
Exploits0References2
Cvelist
Cvelist
added 2012/02/25 2:0 a.m.29 views

CVE-2012-0363

The web interface on Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W-U and 540 series devices with firmware before 1.2.4 allows remote authenticated users to execute arbitrary commands via unspecified vectors, related to a "command injection vulnerability," aka Bug ID...

7.6AI score0.02198EPSS
Exploits0References2
CVE
CVE
added 2012/02/25 2:0 a.m.41 views

CVE-2012-0365

Cisco SRP 500 Series devices (including SRP 521W/526W/527W and SRP 521W-U/526W-U/527W-U; and SRP 541W/546W/547W) with firmware before 1.1.26 (520 series) or before 1.2.4 (520W‑U and 540 series) are affected by CVE-2012-0365. The vulnerability is a directory traversal in the Local TFTP file-upload...

9CVSS6.7AI score0.03241EPSS
Exploits0References2Affected Software4
CVE
CVE
added 2012/02/25 2:0 a.m.40 views

CVE-2012-0364

CVE-2012-0364 affects Cisco Small Business SRP 500 Series devices (SRP 520/520W-U/540) with firmware older than 1.1.26 or 1.2.4, where an unauthenticated remote attacker could upload a configuration file via an unspecified URL, potentially replacing device configurations. The Cisco Security Advis...

7.8CVSS7.2AI score0.01203EPSS
Exploits0References2Affected Software4
Rows per page
Query Builder