Lucene search
K

362 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/08 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2017-5664

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the...

7.5CVSS7.8AI score0.16567EPSS
Exploits1References2
Wiz blog
Wiz blog
added 2025/07/23 12:0 p.m.3 views

Soco404: Multiplatform Cryptomining Campaign Uses Fake Error Pages to Hide Payload

Wiz Research has identified a new iteration of a broader malicious cryptomining campaign, which we’ve dubbed Soco404...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 3:34 a.m.11 views

CVE-2023-27998

A lack of custom error pages vulnerability CWE-756 in FortiPresence versions 1.2.0 through 1.2.1 and all versions of 1.1 and 1.0 may allow an unauthenticated attacker with the ability to navigate to the login GUI to gain sensitive information via navigating to specific HTTPs paths...

5.3CVSS6.8AI score0.004EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:42 a.m.10 views

CVE-2022-32269

In Real Player 20.0.8.310, the G2 Control allows injection of unsafe javascript: URIs in local HTTP error pages displayed by Internet Explorer core. This leads to arbitrary code execution...

9.8CVSS7.5AI score0.03164EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:30 p.m.7 views

CVE-2020-6254

SAP Enterprise Threat Detection, versions 1.0, 2.0, does not sufficiently encode error response pages in case of errors, allowing XSS payload reflecting in the response, leading to reflected Cross Site Scripting...

6.1CVSS6.1AI score0.00654EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:45 p.m.8 views

CVE-2020-6223

The open document of SAP Business Objects Business Intelligence Platform, versions 4.1, 4.2, allows an attacker to modify certain error pages to include malicious content. This can misdirect a user who is tricked into accessing these error pages rendered by the application, leading to Content...

6.1CVSS6.7AI score0.00655EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:10 a.m.11 views

CVE-2018-12297

Cross-site scripting in API error pages in Seagate NAS OS version 4.3.15.1 allows attackers to execute JavaScript via URL path names...

6.1CVSS6.7AI score0.00692EPSS
Exploits1References1
OSV
OSV
added 2025/04/01 12:30 a.m.8 views

GHSA-RHXM-R44M-4325 Drupal Ignition Cross-Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Ignition Error Pages allows Cross-Site Scripting XSS. This issue affects Ignition Error Pages: from 0.0.0 before 1.0.4...

6.1CVSS6.5AI score0.00242EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2025/04/01 12:30 a.m.16 views

Drupal Ignition Cross-Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Ignition Error Pages allows Cross-Site Scripting XSS. This issue affects Ignition Error Pages: from 0.0.0 before 1.0.4...

6.1CVSS6.5AI score0.00242EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2025/03/31 10:15 p.m.8 views

CVE-2025-31679

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Ignition Error Pages allows Cross-Site Scripting XSS.This issue affects Ignition Error Pages: from 0.0.0 before 1.0.4...

6.1CVSS0.00242EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/31 9:38 p.m.7 views

CVE-2025-31679 Ignition Error Pages - Critical - Cross Site Scripting - SA-CONTRIB-2025-007

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Ignition Error Pages allows Cross-Site Scripting XSS.This issue affects Ignition Error Pages: from 0.0.0 before 1.0.4...

6.1AI score0.00242EPSS
Exploits0References1
OSV
OSV
added 2025/03/31 9:38 p.m.5 views

CVE-2025-31679 Ignition Error Pages - Critical - Cross Site Scripting - SA-CONTRIB-2025-007

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Ignition Error Pages allows Cross-Site Scripting XSS.This issue affects Ignition Error Pages: from 0.0.0 before 1.0.4...

6.1CVSS5.9AI score0.00242EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/03/31 9:38 p.m.37 views

CVE-2025-31679 Ignition Error Pages - Critical - Cross Site Scripting - SA-CONTRIB-2025-007

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Ignition Error Pages allows Cross-Site Scripting XSS.This issue affects Ignition Error Pages: from 0.0.0 before 1.0.4...

0.00242EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/03/31 12:0 a.m.8 views

Drupal Ignition Error Pages 跨站脚本漏洞

Drupal Ignition Error Pages is a module of the Drupal community that provides custom error pages e.g. 404, 500, etc. to improve the user experience. A cross-site scripting vulnerability exists in Drupal Ignition Error Pages versions prior to 1.0.4, which stems from improper input neutralization a...

6.1CVSS5.7AI score0.00242EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/03/31 12:0 a.m.5 views

PT-2025-13843 · Drupal · Ignition Error Pages

Name of the Vulnerable Software and Affected Versions: Ignition Error Pages versions 0.0.0 through 1.0.3 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS, in Drupal Ignition Error Pages. This allows for...

6.1CVSS5.6AI score0.00242EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.18 views

Linux Distros Unpatched Vulnerability : CVE-2018-10547

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in ext/phar/pharobject.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. There is Reflected XSS ...

6.1CVSS7AI score0.0363EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/02/11 12:0 a.m.4 views

Octopus Server 安全漏洞

Octopus Server is a deployment automation and release management tool for continuous delivery from Octopus Australia. A security vulnerability exists in Octopus Server that stems from insecure handling of error messages on error pages...

5.4CVSS6.7AI score0.00225EPSS
Exploits0References1
Hacker One
Hacker One
added 2025/01/31 7:14 p.m.1765 views

XVIDEOS: Error Page Content Spoofing or Text Injection

The content spoofing vulnerability on multi.xnxx.com allowed arbitrary text to be injected into error pages. The injected content was reflected back to users under the trusted domain, which could have been exploited for social engineering attacks...

7.2AI score
Exploits0
OSV
OSV
added 2025/01/22 5:1 p.m.7 views

DRUPAL-CONTRIB-2025-007

This module enables you to render error pages using the Ignition package. The module disables certain Drupal core code and does not perform sufficient filtering, allowing HTML to be injected in certain situations leading to a Cross Site Scripting XSS vulnerability. This vulnerability is mitigated...

6.1CVSS6.1AI score0.00242EPSS
Exploits0References1
Drupal
Drupal
added 2025/01/22 12:0 a.m.18 views

Ignition Error Pages - Critical - Cross Site Scripting - SA-CONTRIB-2025-007

This module enables you to render error pages using the Ignition package. The module disables certain Drupal core code and does not perform sufficient filtering, allowing HTML to be injected in certain situations leading to a Cross Site Scripting XSS vulnerability. This vulnerability is mitigated...

6.1CVSS6.2AI score0.00242EPSS
Exploits0References8
Rows per page
Query Builder