Lucene search

6680 matches found

Openbugbounty
added 2017/08/11 1:9 a.m., 13 views

touchcommerce.com XSS vulnerability

Vulnerable URL: http://www.touchcommerce.com//search?q=...

AI score: 6.9
Exploits: 0

Fedora
added 2017/08/10 9:26 p.m., 12 views

[SECURITY] Fedora 25 Update: php-horde-Horde-Core-2.30.0-1.fc25

These classes provide the core functionality of the Horde Application Framework...

AI score: 1.1
Exploits: 0

Fedora
added 2017/08/10 4:56 p.m., 17 views

[SECURITY] Fedora 26 Update: php-horde-Horde-Form-2.0.18-1.fc26

The HordeForm package provides form rendering, validation, and other functionality for the Horde Application Framework...

AI score: 1.6
Exploits: 0

RedhatCVE
added 2017/08/10 1:18 p.m., 27 views

CVE-2017-2885

A stack-based buffer overflow flaw was discovered within the HTTP processing of libsoup. A remote attacker could exploit this flaw to cause a crash or, potentially, execute arbitrary code by sending a specially crafted HTTP request to a server using the libsoup HTTP server functionality or by...

CVSS: 9.8, AI score: 1.6, EPSS: 0.24624
Exploits: 4, References: 2

Prion
added 2017/08/09 6:29 p.m., 19 views

Stack overflow

Stack-based buffer overflow in the logging functionality in the Preboot Policy service in Novell ZENworks Configuration Management (ZCM) allows remote attackers to execute arbitrary code via unspecified vectors...

CVSS: 10, AI score: 8.7, EPSS: 0.23643
Exploits: 0, References: 4

NVD
added 2017/08/08 3:29 p.m., 11 views

CVE-2017-10182

Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: OPERA Export Functionality). Supported versions that are affected are 5.4.0.x, 5.4.1.x and 5.4.3.x. Difficult to exploit vulnerability allows high privileged attacker with...

CVSS: 4.4, AI score: 3.4, EPSS: 0.01501
Exploits: 0, References: 3

Openbugbounty
added 2017/08/04 10:17 p.m., 10 views

fitness.manualsonline.com XSS vulnerability

Vulnerable URL: http://fitness.manualsonline.com/search.html?q="...

AI score: 6.9
Exploits: 0

Openbugbounty
added 2017/08/04 9:49 p.m., 14 views

pdfstuff4u.com XSS vulnerability

Vulnerable URL: http://pdfstuff4u.com/search.php?q=...

AI score: 6.9
Exploits: 0

OSV
added 2017/08/02 7:29 p.m., 2 views

CVE-2017-11356

The application distribution export functionality in PEGA Platform 7.2 ML0 and earlier allows remote authenticated users with certain privileges to obtain sensitive configuration information by leveraging a missing access control...

CVSS: 6.5, AI score: 5.8, EPSS: 0.03503
Exploits: 4, References: 3

Hacker One
added 2017/07/31 7:47 a.m., 14 views

Legal Robot: Unable to change profile picture

Unable to change profile picture. Functionality issue...

AI score: 1.9
Exploits: 0

Zero Day Initiative
added 2017/07/31 12:0 a.m., 69 views

Trend Micro InterScan Messaging Security Proxy Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro InterScan Messaging Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw...

CVSS: 6.5, AI score: 4.7, EPSS: 0.61777
Exploits: 0, References: 1

UbuntuCve
added 2017/07/27 12:0 a.m., 22 views

CVE-2017-2834

An exploitable code execution vulnerability exists in the authentication functionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server response can cause an out-of-bounds write resulting in an exploitable condition. An attacker can compromise the server or use a man in the middle...

CVSS: 8.8, AI score: 7.5, EPSS: 0.01826
Exploits: 1, References: 4

Openbugbounty
added 2017/07/25 12:50 a.m., 20 views

x11.com.br XSS vulnerability

Open Bug Bounty ID: OBB-267655

Description | Value
---|---
Affected Website: | x11.com.br
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

AI score: 6.3
Exploits: 0

Fedora
added 2017/07/25 12:29 a.m., 34 views

[SECURITY] Fedora 25 Update: phpldapadmin-1.2.3-10.fc25

PhpLDAPadmin is a web-based LDAP client. It provides easy, anywhere-accessible, multi-language administration for your LDAP server. Its hierarchical tree-viewer and advanced search functionality make it intuitive to browse and administer your LDAP directory. Since it is a web application, this...

CVSS: 6.1, AI score: 1.3, EPSS: 0.02069
Exploits: 1

Openbugbounty
added 2017/07/22 10:24 a.m., 12 views

aerokurier.de XSS vulnerability

Vulnerable URL: http://www.aerokurier.de/suche/index.php?enableCompounds=false=%2Fwww%2FxmlResult.jsp=26=0=date=10=0=a%3E%27%3E%22%3Et%3Ci%3Ep%3Cimg%20src=y%20onerror=alertopenbugbounty%3E

Details:

Description | Value
---|---
Patched: | No
Latest check for patch: | 04.09.2017
Vulnerability type: | XS...

AI score: 6.3
Exploits: 0

Openbugbounty
added 2017/07/20 6:37 p.m., 18 views

nuwber.de XSS vulnerability

Vulnerable URL: https://nuwber.de/search?q=%22%2F%3E%27%3E%22%3EI%3Ci%3EI%3Csvg%2Fonload%3Dalert%28%2Fopenbugbounty%2F%29%3E

Details:

Description | Value
---|---
Patched: | No
Latest check for patch: | 31.08.2017
Vulnerability type: | XSS
Vulnerability status: | Publicly disclosed
Alexa Rank | 555946
V...

AI score: 6.3
Exploits: 0

Openbugbounty
added 2017/07/17 5:5 a.m., 18 views

topxlive.com XSS vulnerability

Vulnerable URL: http://topxlive.com/search/?q=...

AI score: 6.9
Exploits: 0

Prion
added 2017/07/12 3:29 p.m., 16 views

Authentication flaw

Authentication Bypass vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote unauthenticated users / remote attackers to change or update any configuration settings, or gain administrator functionality via a crafted HTTP request parameter...

CVSS: 7.5, AI score: 9.4, EPSS: 0.02077
Exploits: 0, References: 2, Affected Software: 1

Cvelist
added 2017/07/12 3:0 p.m., 18 views

CVE-2017-4052

Authentication Bypass vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote unauthenticated users / remote attackers to change or update any configuration settings, or gain administrator functionality via a crafted HTTP request parameter...

AI score: 9.5, EPSS: 0.02077
Exploits: 0, References: 2

rapid7community
added 2017/07/12 1:39 p.m., 255 views

Patch Tuesday - July 2017

Most of the critical vulnerabilities patched this month concern client-side systems, with 14 separate Remote Code Execution (RCE) issues being addressed for the Microsoft Edge browser and five for Internet Explorer. One of the three Adobe Flash Player vulnerabilities being patched is also a critica...

CVSS: 10, AI score: 8, EPSS: 0.26161
Exploits: 0