Lucene search
+L

151 matches found

CVE
CVE
added 2017/03/05 8:0 p.m.46 views

CVE-2017-6489

EPESI ≤ 1.8.1.1 contains multiple Cross-Site Scripting (XSS) flaws due to insufficient sanitization of user-supplied data (element, state, cat, id, cid) passed to the Subscribe endpoint. The identified vulnerable component is EPESI-master/modules/Utils/Watchdog/subscribe.php, which can process un...

6.1CVSS6AI score0.00785EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2017/03/05 8:0 p.m.45 views

CVE-2017-6491

CVE-2017-6491 concerns EPESI 1.8.1.1. The vulnerability stems from multiple XSS issues caused by insufficient filtration of user-supplied data (tooltip_id, callback, args, cid) passed to the EPESI-master/modules/Utils/Tooltip/req.php URL. Exploitation could allow an attacker to inject and execute...

6.1CVSS6AI score0.00785EPSS
Exploits1References2Affected Software1
Packet Storm
Packet Storm
added 2014/02/28 12:0 a.m.24 views

EPESI CRM 1.5.5 Cross Site Scripting

============================================================== Title ...| EPESI CRM vulnerable to persistent XSS Version .| epesi-1.5.5-20140113.zip Date ....| 27.02.2014 Found ...| HauntIT Blog Home ....| http://epe.si/download ==============================================================...

7.4AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2012/04/09 12:0 a.m.19 views

GroupWare epesiBIM 1.2.1 - Multiple Web Vulnerabilities

Document Title: =============== GroupWare epesiBIM 1.2.1 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=501 Release Date: ============= 2012-04-09 Vulnerability Laboratory ID VL-ID: ==================================== 501...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2011/12/26 12:0 a.m.50 views

Multiple vulnerabilities in epesi BIM

Vulnerability ID: HTB23061 Reference: https://www.htbridge.ch/advisory/multiplevulnerabilitiesinepesibim.html Product: epesi BIM Vendor: Telaxus LLC http://www.epesibim.com/ Vulnerable Version: 1.2.0-rev8154 and probably prior Tested Version: 1.2.0-rev8154 Vendor Notification: 30 November 2011...

6AI score
Exploits0
exploitpack
exploitpack
added 2011/12/21 12:0 a.m.14 views

epesi BIM 1.2 rev 8154 - Multiple Cross-Site Scripting Vulnerabilities

epesi BIM 1.2 rev 8154 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/51149/info epesi BIM is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execu...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2011/12/21 12:0 a.m.23 views

epesi BIM 1.2.0-rev8154 Cross Site Scripting

Vulnerability ID: HTB23061 Reference: https://www.htbridge.ch/advisory/multiplevulnerabilitiesinepesibim.html Product: epesi BIM Vendor: Telaxus LLC http://www.epesibim.com/ Vulnerable Version: 1.2.0-rev8154 and probably prior Tested Version: 1.2.0-rev8154 Vendor Notification: 30 November 2011...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2011/12/21 12:0 a.m.19 views

epesi BIM 1.2 rev 8154 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/51149/info epesi BIM is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

7AI score
Exploits0
htbridge
htbridge
added 2011/11/30 12:0 a.m.30 views

Cross-site Scripting (XSS) Vulnerabilities in epesi BIM

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in epesi BIM which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in epesi BIM 1.1 The vulnerability exists due to input sanitation error in the "diratual"...

2.6CVSS6.5AI score
Exploits0Affected Software1
CVE
CVE
added 2007/07/26 7:0 p.m.47 views

CVE-2007-4026

CVE-2007-4026 affects the Epesi framework prior to 0.8.6. The issue: improper verification of file extensions during the gallery images upload feature, enabling remote attackers to upload and execute arbitrary PHP code via unspecified vectors. Documents do not provide explicit exploit steps or af...

6.8CVSS7.7AI score0.01165EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2007/07/26 7:0 p.m.27 views

CVE-2007-4026

epesi framework before 0.8.6 does not properly verify file extensions, which allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors involving the gallery images upload feature. NOTE: some of these details are obtained from third party information...

7.7AI score0.01165EPSS
Exploits0References4
Rows per page
Query Builder