Lucene search
+L

161 matches found

CVE
CVE
added 2013/10/16 3:0 p.m.72 views

CVE-2013-3831

CVE-2013-3831 affects Oracle Portal (Demo Organization Chart) in Oracle Fusion Middleware 11.1.1.6.0. The vulnerability is an SQL injection in the Oracle Portal Demo Organization Chart app caused by inadequate sanitization of the p_args_values parameter, potentially enabling a remote authenticate...

5.5CVSS5.1AI score0.0095EPSS
Exploits1References2Affected Software1
Vulnerability Lab
Vulnerability Lab
added 2013/07/28 12:0 a.m.29 views

Microsoft EPD - CS Flash Cross Site Web Vulnerability

Document Title: =============== Microsoft EPD - CS Flash Cross Site Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1013 Microsoft Security Response Center MSRC ID: 15156 Release Date: ============= 2013-07-28 Vulnerability Laboratory I...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.41 views

Oracle Linux 5 : freetype (ELSA-2010-0607)

The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2010-0607 advisory. - Add freetype-2.2.1-CVE-2010-1797.patch Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessu...

9.3CVSS5.5AI score0.30653EPSS
Exploits7References2
RedHat Linux
RedHat Linux
added 2013/07/09 5:51 p.m.6 views

activemq: Multiple XSS flaws in web demos

Multiple cross-site scripting XSS vulnerabilities in the web demos in Apache ActiveMQ before 5.8.0 allow remote attackers to inject arbitrary web script or HTML via 1 the refresh parameter to PortfolioPublishServlet.java aka demo/portfolioPublish or Market Data Publisher, or vectors involving 2...

4.3CVSS6.9AI score0.06018EPSS
Exploits1References4
The Hacker News
The Hacker News
added 2013/06/30 5:16 a.m.21 views

Want to be the Part of History? Just be a part of E-HACK

E-HACK is an Information Security Workshop, organized by infySEC. The workshop aims at creating awareness about INFORMATION SECURITY by showing in what all ways information or data can be stolen. Meddle in cyber-warfare, battle with our machine master mind who will throw challenges on web...

6.7AI score
Exploits0
seebug.org
seebug.org
added 2013/04/24 12:0 a.m.54 views

Apache ActiveMQ web demos多个跨站脚本漏洞(CVE-2012-6092)

CVE ID:CVE-2012-6092 Apache ActiveMQ是一款开源消息总线,支持JMS1.1和J2EE 1.4规范的JMS Provider实现。 Apache ActiveMQ web demos存在多个跨站脚本漏洞,允许远程攻击者通过PortfolioPublishServlet.java的refresh参数也即/demo/portfolioPublish或Market Data...

4.3CVSS0.3AI score0.06018EPSS
Exploits1
Prion
Prion
added 2013/04/21 9:55 p.m.28 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the web demos in Apache ActiveMQ before 5.8.0 allow remote attackers to inject arbitrary web script or HTML via 1 the refresh parameter to PortfolioPublishServlet.java aka demo/portfolioPublish or Market Data Publisher, or vectors involving 2...

4.3CVSS8AI score0.07674EPSS
Exploits2References6Affected Software1
Cvelist
Cvelist
added 2013/04/21 9:0 p.m.37 views

CVE-2012-6092

Multiple cross-site scripting XSS vulnerabilities in the web demos in Apache ActiveMQ before 5.8.0 allow remote attackers to inject arbitrary web script or HTML via 1 the refresh parameter to PortfolioPublishServlet.java aka demo/portfolioPublish or Market Data Publisher, or vectors involving 2...

8.2AI score0.06018EPSS
Exploits1References6
Debian CVE
Debian CVE
added 2013/04/21 9:0 p.m.69 views

CVE-2012-6092

Multiple cross-site scripting XSS vulnerabilities in the web demos in Apache ActiveMQ before 5.8.0 allow remote attackers to inject arbitrary web script or HTML via 1 the refresh parameter to PortfolioPublishServlet.java aka demo/portfolioPublish or Market Data Publisher, or vectors involving 2...

4.3CVSS7.4AI score0.06018EPSS
Exploits1
CVE
CVE
added 2013/04/21 9:0 p.m.109 views

CVE-2012-6092

Summary of CVE-2012-6092: Cross-site scripting in Apache ActiveMQ web demos Affected software: Apache ActiveMQ web demos (demo/portfolioPublish and related webapp/websocket/chat.js) prior to 5.8.0. What is vulnerable: Multiple XSS vulnerabilities via (1) refresh parameter to PortfolioPublishServl...

4.3CVSS7.8AI score0.06018EPSS
Exploits1References6Affected Software1
Cent OS
Cent OS
added 2013/03/21 10:39 p.m.72 views

phonon, qt security update

CentOS Errata and Security Advisory CESA-2013:0669 Updated qt packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score,...

3.6CVSS7.2AI score0.00422EPSS
Exploits0References7
Packet Storm
Packet Storm
added 2013/01/20 12:0 a.m.29 views

Classified Ultra ScriptsGenie Cross Site Scripting / SQL Injection

Exploit Title; Classified Ultra ScriptsGenie Multiple Vulnerabilities Date; 20/1/13 Author; 3spi0n Script Vendor or Software Link; http://www.hotscripts.com/listing/classified-ultra-scriptsgenie/ Category; Webapps Type; SQL Injection MySQLi Tested on; Ubuntu 12.10 / Win7 / Backtrack 5 Demo...

0.8AI score
Exploits0
0day.today
0day.today
added 2013/01/14 12:0 a.m.46 views

Wordpress wp-codebox Plugin Full Path Disclosure vulnerability

Exploit for php platform in category web applications ------------------------------------------------------------------------------------------------------------------ Exploit Title: Wordpress wp-codebox plugin Full Path Disclosure vulnerability Date: 14/01/2012 Author: terrorist Tested on:...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2013/01/03 12:0 a.m.28 views

Simple Machines Forum 2.0.3 Path Disclosure

Summary: -------------- A security flaw allows an attacker to know the full path of the web system. Details: ----------- SSI.php Line 294: // Fetch a post with a particular ID. By default will only show if you have permission to the see the board in question - this can be overriden. function...

0.3AI score
Exploits0
0day.today
0day.today
added 2012/12/30 12:0 a.m.23 views

Wordpress Themes moneymasters Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications Author = Fayzoun Facebook = http://fb.me/fayzoun.no.love Facebook page = http://fb.me/fayzoun.AO Google Dork = inurl:/wp-content/themes/moneymasters Mail : email protected / email protected Exploit: "@$uploadfile",...

7.1AI score
Exploits0
0day.today
0day.today
added 2012/12/29 12:0 a.m.26 views

Digitale Age File Upload / Sql injection vulnerabilites

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

7.1AI score
Exploits0
0day.today
0day.today
added 2012/09/17 12:0 a.m.28 views

Bullseye Creative => SQL injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Bullseye Creative = SQL injection Vulnerability Author: RaMeZ Libyan Darkness Storm - LDS Google dork : intext:powered by: Bullseye Creative "inurl:.php?id=" Date : 16-9-2012 Greets : LDS members poc: www.site.com/sick...

7.1AI score
Exploits0
0day.today
0day.today
added 2012/09/11 12:0 a.m.26 views

FBDj Stats SQL Injection Vulnerability

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2012/09/10 12:0 a.m.25 views

NovinMarketing SQL Injection

| @@@@@@@@ @@@@@@@@@ @@ @@ @@@@@ @@ @@ @@@@@@@@ | | @ @ @ @ @ @ @ @ @ @ @ @ @ | | @ @ @ @ @ @ @ @ @ @ @ @ @ | | @ @ @@@ @ @ @ @ @ @ @ @ @ @ @ | | @@@@@@@@ @@@ @@@ @ @ @ @ @ @ @ @ @ @@@@@@@@ | | @ @ @ @ @ @ @ @ @ @ @ @ @ | | @ @ @ @ @ @ @ @ @ @ @ @ @ | | @ @ @ @ @ @ @ @ @ @ @ @ @@@ @ | | @@@@@@@@ ...

1.1AI score
Exploits0
0day.today
0day.today
added 2012/09/09 12:0 a.m.79 views

Ultrastats 0.3.16 SQL Injection Vulnerability

Exploit for php platform in category web applications + Author: TUNISIAN CYBER + Exploit Title: Ultrastats 0.3.16 SQL Injection Vulnerability + Home: 1337day.com Inj3ct0r Exploit DataBase + Date: 09-09-2012 + Category: WebApp + Google Dork: intext:Created 2005-2008 - By deltaray Support Forums |...

7.1AI score
Exploits0
Rows per page
Query Builder