Lucene search
K

44 matches found

OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.23 views

SUSE: Security Advisory (SUSE-SU-2016:1024-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.2AI score0.3693EPSS
Exploits0References15
NVD
NVD
added 2021/01/05 3:15 p.m.14 views

CVE-2020-26046

FUEL CMS 1.4.11 has stored XSS in Blocks/Navigation/Site variables. This could lead to cookie stealing and other malicious actions. This vulnerability can be exploited with an authenticated account and also impact other visitors...

5.4CVSS5.2AI score0.00653EPSS
Exploits1References2
OSV
OSV
added 2021/01/05 3:15 p.m.14 views

CVE-2020-26046

FUEL CMS 1.4.11 has stored XSS in Blocks/Navigation/Site variables. This could lead to cookie stealing and other malicious actions. This vulnerability can be exploited with an authenticated account and also impact other visitors...

5.4CVSS5.8AI score0.00653EPSS
Exploits1References2
Prion
Prion
added 2021/01/05 3:15 p.m.16 views

Cross site scripting

FUEL CMS 1.4.11 has stored XSS in Blocks/Navigation/Site variables. This could lead to cookie stealing and other malicious actions. This vulnerability can be exploited with an authenticated account and also impact other visitors...

4.3CVSS5.1AI score0.00653EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2021/01/05 2:17 p.m.16 views

CVE-2020-26046

FUEL CMS 1.4.11 has stored XSS in Blocks/Navigation/Site variables. This could lead to cookie stealing and other malicious actions. This vulnerability can be exploited with an authenticated account and also impact other visitors...

5.2AI score0.00653EPSS
Exploits1References2
CVE
CVE
added 2021/01/05 2:17 p.m.42 views

CVE-2020-26046

CVE-2020-26046 affects FUEL CMS 1.4.11. A stored cross-site scripting vulnerability exists in the Blocks/Navigation/Site variables, exploitable by an authenticated user and potentially impacting other visitors. Reported impact includes cookie stealing and other malicious actions. The available do...

5.4CVSS5.1AI score0.00653EPSS
Exploits1References2Affected Software1
Veracode
Veracode
added 2020/10/28 5:56 p.m.28 views

Privilege Escalation

Satellite is vulnerable to privilege escalation. An attacker with an authenticated account on Single sign-on SSO is able to gain elevated privileges of existing local users...

7.5CVSS4.9AI score0.00789EPSS
Exploits0References5Affected Software242
NVD
NVD
added 2020/01/20 8:15 p.m.20 views

CVE-2020-7240

Meinberg Lantime M300 and M1000 devices allow attackers with privileges to configure a device to execute arbitrary OS commands by editing the /config/netconf.cmd script aka Extended Network Configuration. Note: According to the description, the vulnerability requires a fully authenticated...

9CVSS8.9AI score0.02437EPSS
Exploits1References3
NVD
NVD
added 2019/08/28 5:15 p.m.21 views

CVE-2019-15230

LibreNMS v1.54 has XSS in the Create User, Inventory, Add Device, Notifications, Alert Rule, Create Maintenance, and Alert Template sections of the admin console. This could lead to cookie stealing and other malicious actions. This vulnerability can be exploited with an authenticated account...

5.4CVSS5.2AI score0.00644EPSS
Exploits1References1
OSV
OSV
added 2019/08/28 5:15 p.m.11 views

CVE-2019-15230

LibreNMS v1.54 has XSS in the Create User, Inventory, Add Device, Notifications, Alert Rule, Create Maintenance, and Alert Template sections of the admin console. This could lead to cookie stealing and other malicious actions. This vulnerability can be exploited with an authenticated account...

5.4CVSS5.8AI score
Exploits0References1
Prion
Prion
added 2019/08/28 5:15 p.m.10 views

Design/Logic Flaw

LibreNMS v1.54 has XSS in the Create User, Inventory, Add Device, Notifications, Alert Rule, Create Maintenance, and Alert Template sections of the admin console. This could lead to cookie stealing and other malicious actions. This vulnerability can be exploited with an authenticated account...

3.5CVSS5.1AI score0.00644EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/08/28 4:32 p.m.20 views

CVE-2019-15230

LibreNMS v1.54 has XSS in the Create User, Inventory, Add Device, Notifications, Alert Rule, Create Maintenance, and Alert Template sections of the admin console. This could lead to cookie stealing and other malicious actions. This vulnerability can be exploited with an authenticated account...

5.2AI score0.00644EPSS
Exploits1References1
CVE
CVE
added 2019/08/28 4:32 p.m.46 views

CVE-2019-15230

CVE-2019-15230 affects LibreNMS v1.54, with a cross-site scripting (XSS) vulnerability in the admin console modules Create User, Inventory, Add Device, Notifications, Alert Rule, Create Maintenance, and Alert Template. The flaw allows an authenticated attacker to inject client-side scripts, poten...

5.4CVSS5.1AI score0.00644EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2019/08/20 12:15 a.m.15 views

CVE-2019-15228

FUEL CMS 1.4.4 has XSS in the Create Blocks section of the Admin console. This could lead to cookie stealing and other malicious actions. This vulnerability can be exploited with an authenticated account but can also impact unauthenticated visitors...

5.4CVSS6AI score
Exploits0References2
NVD
NVD
added 2019/08/20 12:15 a.m.17 views

CVE-2019-15228

FUEL CMS 1.4.4 has XSS in the Create Blocks section of the Admin console. This could lead to cookie stealing and other malicious actions. This vulnerability can be exploited with an authenticated account but can also impact unauthenticated visitors...

5.4CVSS5.3AI score0.00731EPSS
Exploits1References2
Prion
Prion
added 2019/08/20 12:15 a.m.13 views

Design/Logic Flaw

FUEL CMS 1.4.4 has XSS in the Create Blocks section of the Admin console. This could lead to cookie stealing and other malicious actions. This vulnerability can be exploited with an authenticated account but can also impact unauthenticated visitors...

3.5CVSS5.2AI score0.00731EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2019/08/19 11:28 p.m.114 views

CVE-2019-15228

CVE-2019-15228 affects FUEL CMS 1.4.4. The XSS is in the Create Blocks section of the Admin console, arising from insufficient input validation in the admin UI. Impact could include cookie theft and other malicious actions, with exploitation possible by authenticated users and also affecting unau...

5.4CVSS5.2AI score0.00731EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2018/08/26 12:0 a.m.35 views

CVE-2018-15877

The Plainview Activity Monitor plugin before 20180826 for WordPress is vulnerable to OS command injection via shell metacharacters in the ip parameter of a wp-admin/admin.php?page=plainviewactivitymonitor&tab=activitytools request. Recent assessments: cdelafuente-r7 at November 27, 2019 2:59pm UT...

9CVSS3.4AI score0.7699EPSS
Exploits11References6
Tenable Nessus
Tenable Nessus
added 2018/08/24 12:0 a.m.36 views

ASUSTOR Data Master < 3.1.6 Multiple Vulnerabilities

According to its self-reported version number, the ASUSTOR Data Master ADM web interface running on the remote web server is prior to 3.1.6. It is, therefore, affected by multiple vulnerabilities: - CVE-2018-15694: Authenticated File Upload - CVE-2018-15695: Authenticated Arbitrary File Deletion ...

8.5CVSS6AI score0.01511EPSS
Exploits6References8
Packet Storm
Packet Storm
added 2013/05/14 12:0 a.m.157 views

Gallery Server Pro File Upload Filter Bypass

, , . .' '. ', . , '. , ., , / / / \ \ ==/ /\ \ / / \ / \ / / | \ \ Y Y \ / /| / \ /||| / / / .-. / /:wq x.0 '=.|w|.=' ='"=. presents.. Gallery Server Pro File Upload Filter Bypass Vendor Link: http://www.galleryserverpro.com/ PDF:...

0.4AI score
Exploits0
Rows per page
Query Builder