CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2015/03/13 12:0 a.m.•19 views

Loxone Smart Home Miniserver < 6.3 Multiple Vulnerabilities

According to its banner, the remote Loxone Smart Home Miniserver device is a version prior to 6.3. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists due to the device transmitting all data in cleartext. A remote man-in-the-middle attacker ca...

5.6AI score

Exploits0References2

NVD•added 2015/02/12 1:59 a.m.•23 views

CVE-2014-2147

The web interface in Cisco Prime Infrastructure 2.1 and earlier does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web site, related to a "cross-frame scripting XFS" issue, aka B...

4.3CVSS6.4AI score0.00422EPSS

Exploits0References5

Cvelist•added 2015/02/12 1:0 a.m.•24 views

CVE-2014-2147

6.3AI score0.00422EPSS

Exploits0References5

Cisco•added 2015/02/11 5:41 p.m.•23 views

Cisco Prime Infrastructure Cross-Frame Scripting Vulnerability

A vulnerability in the web interface of the Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to execute a cross-frame scripting XFS attack. This vulnerability is due to insufficient HTML iframe protection. An attacker could exploit this vulnerability by directing a user ...

CNVD•added 2015/02/11 12:0 a.m.•1 views

Cisco Prime Infrastructure Cross-Frame Scripting Vulnerability

Cisco Prime Infrastructure is an all-in-one package that provides complete infrastructure wired and wireless and mobile lifecycle management provisioning, monitoring, troubleshooting, fixing, and reporting. A cross-framework scripting vulnerability exists in Cisco Prime Infrastructure that could...

CNVD•added 2015/02/05 12:0 a.m.•2 views

Cisco Unified Computing System on C-Series Rack Servers Cross-Frame Scripting Vulnerability

The Cisco Unified Computing System is an all-in-one platform for computing, virtualization, and networking. A cross-framework scripting vulnerability in Cisco Unified Computing System on C-Series Rack Servers allows attackers to hijack an attack via crafted website behavior...

Cisco•added 2015/02/03 8:33 p.m.•34 views

Cisco UCS C-Series Rack Servers Integrated Management Controller Cross-Frame Scripting Vulnerability

A vulnerability in the web interface of the Cisco Integrated Management Controller of the Cisco Unified Computing System C-Series Rack Servers could allow an unauthenticated, remote attacker to execute a cross-frame scripting XFS attack. The vulnerability is due to insufficient HTML iframe...

exploitpack•added 2015/01/26 12:0 a.m.•14 views

SWFupload 2.5.0 - Cross Frame Scripting (XFS)

SWFupload 2.5.0 - Cross Frame Scripting XFS Exploit Title: SWFupload All Version XSF Vulnerability Date: 25/01/2014 Exploit Author: MindCracker - Team MaDLeeTs Contact : [email protected] - [email protected] | https://twitter.com/MindCrackerKhan Verion : All Tested on: Linux / Window...

Vulnerability Lab•added 2015/01/25 12:0 a.m.•21 views

SWFupload 2.5.0 - Cross Frame Scripting (XFS) Vulnerability

Document Title: =============== SWFupload 2.5.0 - Cross Frame Scripting XFS Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1422 Release Date: ============= 2015-01-25 Vulnerability Laboratory ID VL-ID: ====================================...

7.1AI score

Packet Storm•added 2015/01/25 12:0 a.m.•16 views

SWFupload 2.5.0 Cross Frame Scripting

0.2AI score

Vulnerability Lab•added 2015/01/25 12:0 a.m.•22 views

SWFupload 2.5.0 - Cross Frame Scripting (XFS) Vulnerability

0.2AI score