Lucene search
K

173 matches found

Prion
Prion
added 2013/11/14 8:55 p.m.13 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Calendar module in Olat 7.8.0.1 b20130821 N1 allow remote attackers to inject arbitrary web script or HTML via the 1 event name or 2 date field...

4.3CVSS6AI score0.03217EPSS
Exploits1References5Affected Software1
Prion
Prion
added 2013/11/14 8:55 p.m.11 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Calendar module in Olat 7.8.0.1 b20130821 N1 allows remote attackers to inject arbitrary web script or HTML via the Location field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

4.3CVSS6AI score0.01423EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2013/11/14 8:0 p.m.15 views

CVE-2013-6794

Cross-site scripting XSS vulnerability in the Calendar module in Olat 7.8.0.1 b20130821 N1 allows remote attackers to inject arbitrary web script or HTML via the Location field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

5.6AI score0.01423EPSS
Exploits0References1
CVE
CVE
added 2013/11/14 8:0 p.m.40 views

CVE-2013-6793

CVE-2013-6793 refers to multiple cross-site scripting (XSS) vulnerabilities in the Calendar module of OLAT 7.8.0.1 (b20130821 N1). The flaws allow remote attackers to inject arbitrary script or HTML via the event name or date fields. Documented impact is XSS with partial integrity impact (per NVD...

4.3CVSS5.9AI score0.03217EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2013/11/14 8:0 p.m.22 views

CVE-2013-6793

Multiple cross-site scripting XSS vulnerabilities in the Calendar module in Olat 7.8.0.1 b20130821 N1 allow remote attackers to inject arbitrary web script or HTML via the 1 event name or 2 date field...

5.8AI score0.03217EPSS
Exploits1References5
CVE
CVE
added 2013/11/14 8:0 p.m.37 views

CVE-2013-6794

CVE-2013-6794 is an XSS vulnerability in the Calendar module of Olat 7.8.0.1 (b20130821 N1). The flaw allows remote attackers to inject arbitrary web script or HTML via the Location field. Documents consistently describe the affected product/version and the vulnerability class, but do not provide...

4.3CVSS5.7AI score0.01423EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2013/07/17 12:0 a.m.33 views

FreeBSD : PHP5 -- Integer overflow in Calendar module (5def3175-f3f9-4476-ba40-b46627cc638c)

The PHP development team reports : Integer overflow in the SdnToJewish function in jewish.c in the Calendar component in PHP before 5.3.26 and 5.4.x before 5.4.16 allows context-dependent attackers to cause a denial of service application hang via a large argument to the jdtojewish function...

5CVSS8.2AI score0.0423EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2013/05/22 12:0 a.m.27 views

PHP5 -- Integer overflow in Calendar module

The PHP development team reports: Integer overflow in the SdnToJewish function in jewish.c in the Calendar component in PHP before 5.3.26 and 5.4.x before 5.4.16 allows context-dependent attackers to cause a denial of service application hang via a large argument to the jdtojewish function...

5CVSS6.5AI score0.0423EPSS
Exploits0References1
Exploit DB
Exploit DB
added 2012/10/16 12:0 a.m.29 views

Joomla! Component com_icagenda - 'id' Multiple Vulnerabilities

Souhail Hammou - Independant Security Researcher & Penetration Tester . Facebook : www.facebook.com/dark.puzzle.sec E-mail : [email protected] Greetings to all moroccan researchers and white hats . ------------------------------------------------------------------------------ Exploit Title:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2012/08/31 12:0 a.m.26 views

Joomla ICAgenda SQL Injection / Path Disclosure

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 x Official Website: http://www.1337day.com 0 1 x...

0.2AI score
Exploits0
0day.today
0day.today
added 2012/08/31 12:0 a.m.28 views

Joomla Component com_icagenda Blind SQLi/Path Disclosure

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 x...

7.1AI score
Exploits0
Prion
Prion
added 2011/12/02 4:55 p.m.13 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in vTiger CRM 5.2.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 viewname parameter in a CalendarAjax action, 2 activitymode parameter in a DetailView action, 3 contactid and 4 parentid parameters in an...

4.3CVSS6.1AI score0.02951EPSS
Exploits1References9Affected Software1
Cvelist
Cvelist
added 2011/12/02 4:0 p.m.21 views

CVE-2011-4670

Multiple cross-site scripting XSS vulnerabilities in vTiger CRM 5.2.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 viewname parameter in a CalendarAjax action, 2 activitymode parameter in a DetailView action, 3 contactid and 4 parentid parameters in an...

5.8AI score0.02951EPSS
Exploits1References9
NVD
NVD
added 2011/11/28 9:55 p.m.24 views

CVE-2011-4559

SQL injection vulnerability in the Calendar module in vTiger CRM 5.2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the onlyforuser parameter in an index action to index.php...

7.5CVSS8.2AI score0.01387EPSS
Exploits1References6
Prion
Prion
added 2011/11/28 9:55 p.m.16 views

Sql injection

SQL injection vulnerability in the Calendar module in vTiger CRM 5.2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the onlyforuser parameter in an index action to index.php...

7.5CVSS9AI score0.01387EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2011/11/28 9:0 p.m.32 views

CVE-2011-4559

SQL injection vulnerability in the Calendar module in vTiger CRM 5.2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the onlyforuser parameter in an index action to index.php...

8.2AI score0.01387EPSS
Exploits1References6
CVE
CVE
added 2011/11/28 9:0 p.m.62 views

CVE-2011-4559

CVE-2011-4559 affects vtiger CRM (Calendar module) prior to or including vTiger 5.2.1; the vulnerability is a SQL injection in the onlyforuser parameter of the index action (index.php). This allows remote attackers to execute arbitrary SQL commands. Connected records also indicate CVE-2013-5091 a...

7.5CVSS8.6AI score0.01387EPSS
Exploits1References6Affected Software1
OpenVAS
OpenVAS
added 2011/08/03 12:0 a.m.57 views

Debian Security Advisory DSA 2266-1 (php5)

The remote host is missing an update to php5 announced via advisory DSA 2266-1. OpenVAS Vulnerability Test $Id: deb22661.nasl 6613 2017-07-07 12:08:40Z cfischer $ Description: Auto-generated from advisory DSA 2266-1 php5 Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc...

7.5CVSS0.6AI score0.19736EPSS
Exploits18
Tenable Nessus
Tenable Nessus
added 2011/07/05 12:0 a.m.71 views

Debian DSA-2266-1 : php5 - several vulnerabilities

Several vulnerabilities were discovered in PHP, which could lead to denial of service or potentially the execution of arbitrary code. - CVE-2010-2531 An information leak was found in the varexport function. - CVE-2011-0421 The Zip module could crash. - CVE-2011-0708 An integer overflow was...

7.5CVSS8.6AI score0.19736EPSS
Exploits18References18
Debian
Debian
added 2011/06/29 6:42 p.m.87 views

[SECURITY] [DSA 2266-1] php5 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2266-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 29, 2011 http://www.debian.org/security/faq -...

7.5CVSS10AI score0.19736EPSS
Exploits18
Rows per page
Query Builder