Lucene search
K

132 matches found

Cvelist
Cvelist
added 2020/04/23 11:5 p.m.19 views

CVE-2020-12131

The AirDisk Pro app 5.5.3 for iOS allows XSS via the devicename parameter shown next to the UI logo...

5.8AI score0.007EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
added 2020/04/08 12:0 a.m.17 views

Advantech WebAccess/NMS getSyslogUiList SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the processi...

6.5CVSS1.8AI score0.00922EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2020/04/08 12:0 a.m.15 views

Advantech WebAccess/NMS MibBrowser SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the handleTargetsByDeviceName method of the...

7.5CVSS2.9AI score0.01263EPSS
Exploits0References1
Prion
Prion
added 2019/04/18 6:29 p.m.12 views

Cross site scripting

Kofax Front Office Server version 4.1.1.11.0.5212 both Thin Client and Administration Console suffers from multiple authenticated stored XSS vulnerabilities via the 1 "Filename" field in /Kofax/KFS/ThinClient/document/upload/ - Thin Client or 2 "DeviceName" field in...

3.5CVSS5.4AI score0.00644EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2019/04/18 6:29 p.m.6 views

CVE-2018-17288

Kofax Front Office Server version 4.1.1.11.0.5212 both Thin Client and Administration Console suffers from multiple authenticated stored XSS vulnerabilities via the 1 "Filename" field in /Kofax/KFS/ThinClient/document/upload/ - Thin Client or 2 "DeviceName" field in...

5.4CVSS5.8AI score0.00644EPSS
Exploits1References1
NVD
NVD
added 2019/04/18 6:29 p.m.13 views

CVE-2018-17288

Kofax Front Office Server version 4.1.1.11.0.5212 both Thin Client and Administration Console suffers from multiple authenticated stored XSS vulnerabilities via the 1 "Filename" field in /Kofax/KFS/ThinClient/document/upload/ - Thin Client or 2 "DeviceName" field in...

5.4CVSS5.4AI score0.00644EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2018/02/20 12:0 a.m.6 views

PT-2018-17947

Name of the Vulnerable Software and Affected Versions Kentico versions 9 through 11 Description A Reflected Cross-Site Scripting issue allows remote attackers to execute malicious JavaScript via a malicious devicename parameter in a link entered through specific screens, including "Pages - Edit...

4.8CVSS5.1AI score0.00846EPSS
Exploits3References5
Vulnerability Lab
Vulnerability Lab
added 2017/01/10 12:0 a.m.26 views

Cobi Tools v1.0.8 iOS - Persistent Web Vulnerability

Document Title: =============== Cobi Tools v1.0.8 iOS - Persistent Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2028 Release Date: ============= 2017-01-10 Vulnerability Laboratory ID VL-ID: ==================================== 2028...

7.1AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2014/06/02 12:0 a.m.20 views

iScan Online Mobile 2.0.1 iOS - Command Inject Vulnerability

Document Title: =============== iScan Online Mobile 2.0.1 iOS - Command Inject Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1271 Release Date: ============= 2014-06-02 Vulnerability Laboratory ID VL-ID: ==================================...

0.3AI score
Exploits0
0day.today
0day.today
added 2011/06/20 12:0 a.m.21 views

DreamBox DM800 Arbitrary File Download Vulnerability

Exploit for hardware platform in category remote exploits Exploit Title: title Date: date Author: ShellVision Version: dm800 / !CDATA / functiontryvar...

7.1AI score
Exploits0
OSV
OSV
added 2004/12/31 5:0 a.m.1 views

DEBIAN-CVE-2004-1951

xine 1.x alpha, 1.x beta, and 1.0rc through 1.0rc3a, and xine-ui 0.9.21 to 0.9.23 allows remote attackers to overwrite arbitrary files via the 1 audio.sunaudiodevice or 2 dxr3.devicename options in an MRL link...

5CVSS6.8AI score0.08098EPSS
Exploits1References1
NVD
NVD
added 2004/12/31 5:0 a.m.17 views

CVE-2004-1951

xine 1.x alpha, 1.x beta, and 1.0rc through 1.0rc3a, and xine-ui 0.9.21 to 0.9.23 allows remote attackers to overwrite arbitrary files via the 1 audio.sunaudiodevice or 2 dxr3.devicename options in an MRL link...

5CVSS6.7AI score0.08098EPSS
Exploits1References9
Rows per page
Query Builder