Lucene search
K

205 matches found

ATTACKERKB
ATTACKERKB
added 2013/08/29 12:7 p.m.2 views

CVE-2013-5646

Cross-site scripting XSS vulnerability in Roundcube webmail 1.0-git allows remote authenticated users to inject arbitrary web script or HTML via the Name field of an addressbook group...

3.5CVSS5.7AI score0.01152EPSS
Exploits1References2
Prion
Prion
added 2013/08/29 12:7 p.m.15 views

Cross site scripting

Cross-site scripting XSS vulnerability in Roundcube webmail 1.0-git allows remote authenticated users to inject arbitrary web script or HTML via the Name field of an addressbook group...

3.5CVSS5.7AI score0.01152EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2013/08/29 10:0 a.m.42 views

CVE-2013-5646

Roundcube webmail 1.0-git is affected by a cross-site scripting (XSS) vulnerability that allows remote authenticated users to inject arbitrary web script or HTML through the Name field of an addressbook group. The linked sources consistently describe XSS in this component/version, but do not prov...

3.5CVSS5.4AI score0.01152EPSS
Exploits1References1Affected Software1
Debian CVE
Debian CVE
added 2013/08/29 10:0 a.m.21 views

CVE-2013-5646

Cross-site scripting XSS vulnerability in Roundcube webmail 1.0-git allows remote authenticated users to inject arbitrary web script or HTML via the Name field of an addressbook group...

3.5CVSS5.3AI score0.01152EPSS
Exploits1
OpenVAS
OpenVAS
added 2013/05/31 12:0 a.m.22 views

Fedora Update for kdelibs3 FEDORA-2013-8689

Check for the Version of kdelibs3 OpenVAS Vulnerability Test Fedora Update for kdelibs3 FEDORA-2013-8689 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

5CVSS6.4AI score0.0198EPSS
Exploits0References2
securityvulns
securityvulns
added 2012/12/18 12:0 a.m.70 views

Addressbook v8.1.24.1 Group Name XSS

Instructions. After authentication, click on the Group tab at the top. Click on the New Group Button on the group page. For the group name the first field enter the following XSS test string: SCRIPTalertString.fromCharCode88,83,83/SCRIPT Then call the XSS string from the URL -- technically one...

6.1AI score
Exploits0
exploitpack
exploitpack
added 2012/08/28 12:0 a.m.15 views

mieric AddressBook 1.0 - SQL Injection

mieric AddressBook 1.0 - SQL Injection ----------------------------------------------------- mieric addressBook 1.0 Vendor information: "MieRic address book is wrote in PERL and holds data via a MYSQL database. Users can add multiple EMAIL, ADDRESS, PHONE, CONTACTS, IMAGE AVATAR and PGP keys as...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2012/08/28 12:0 a.m.20 views

mieric AddressBook 1.0 - SQL Injection

----------------------------------------------------- mieric addressBook 1.0 Vendor information: "MieRic address book is wrote in PERL and holds data via a MYSQL database. Users can add multiple EMAIL, ADDRESS, PHONE, CONTACTS, IMAGE AVATAR and PGP keys as they want. The addressBook is password...

7.4AI score
Exploits0
NVD
NVD
added 2012/07/25 9:55 p.m.20 views

CVE-2012-2307

Cross-site request forgery CSRF vulnerability in the Addressbook module for Drupal 6.x-4.2 and earlier allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...

6.8CVSS7.1AI score0.00636EPSS
Exploits0References3
NVD
NVD
added 2012/07/25 9:55 p.m.14 views

CVE-2012-2306

SQL injection vulnerability in the Addressbook module for Drupal 6.x-4.2 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS8.4AI score0.0121EPSS
Exploits0References3
Prion
Prion
added 2012/07/25 9:55 p.m.15 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the Addressbook module for Drupal 6.x-4.2 and earlier allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...

6.8CVSS7.6AI score0.00636EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2012/07/25 9:55 p.m.21 views

Sql injection

SQL injection vulnerability in the Addressbook module for Drupal 6.x-4.2 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS9AI score0.0121EPSS
Exploits0References3
CVE
CVE
added 2012/07/25 9:0 p.m.55 views

CVE-2012-2306

The CVE-2012-2306 entry concerns the Drupal Addressbook contributed module, affected in 6.x-4.2 and earlier. The root cause is a SQL injection vulnerability that allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Impact is described as potential partial confidentia...

7.5CVSS8.7AI score0.0121EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2012/07/25 9:0 p.m.22 views

CVE-2012-2307

Cross-site request forgery CSRF vulnerability in the Addressbook module for Drupal 6.x-4.2 and earlier allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...

7.1AI score0.00636EPSS
Exploits0References3
CVE
CVE
added 2012/07/25 9:0 p.m.40 views

CVE-2012-2307

CVE-2012-2307 describes a Cross-site request forgery (CSRF) in the Drupal contributed Addressbook module (versions 6.x-4.2 and earlier) that could allow remote attackers to hijack user authentication via unspecified vectors. Root cause details are not provided in the documents. The Drupal SA advi...

6.8CVSS7.4AI score0.00636EPSS
Exploits0References3Affected Software1
Drupal
Drupal
added 2012/05/02 12:0 a.m.32 views

SA-CONTRIB-2012-069 - Addressbook - Multiple vulnerabilities - Unsupported

This module contains a simple addressbook. The module has multiple issues including SQL Injection and Cross Site Request Forgery. For the SQL Injection issue - CVE: CVE-2012-2306 For the CSRF issue - CVE: CVE-2012-2307 Versions affected 6.x-4.2 and before Drupal core is not affected. If you do no...

7.5CVSS7.5AI score0.0121EPSS
Exploits0References7
NVD
NVD
added 2011/11/01 10:55 p.m.14 views

CVE-2010-4990

SQL injection vulnerability in the Front-edit Address Book comaddressbook component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a contact action to index.php...

7.5CVSS8.3AI score0.01014EPSS
Exploits1References4
seebug.org
seebug.org
added 2011/08/10 12:0 a.m.17 views

iPhone/iPad Phone Drive 1.1.1 Directory Traversal

No description provided by source. !/usr/bin/python ---------------------------------------------------------------- Software : iPhone/iPad Phone Drive 1.1.1 Type of vulnerability : Directory Traversal Tested On : iPhone 4 IOS 4.3.3/Jailbroken...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2011/08/09 12:0 a.m.27 views

iphone/ipad phone drive 1.1.1 - Directory Traversal

!/usr/bin/python ---------------------------------------------------------------- Software : iPhone/iPad Phone Drive 1.1.1 Type of vulnerability : Directory Traversal Tested On : iPhone 4 IOS 4.3.3/Jailbroken ---------------------------------------------------------------- Program Developer :...

7.4AI score
Exploits0
0day.today
0day.today
added 2011/06/04 12:0 a.m.51 views

PHP-AddressBook v6.2.12 (view.php) SQL Injection Vulnerability

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

7.1AI score
Exploits0
Rows per page
Query Builder