Lucene search
+L

59 matches found

CNNVD
CNNVD
added 2022/11/22 12:0 a.m.3 views

FusionDIrectory 跨站脚本漏洞

FusionDIrectory is a FusionDIrectory open source application. Used to ensure that the user's identity management security. A cross-site scripting vulnerability exists in Fusiondirectory version 1.3. The vulnerability stems from a lack of effective filtering and escaping of user-supplied data, whi...

9.6CVSS6.1AI score0.00882EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2022/11/22 12:0 a.m.2 views

PT-2022-23245 · Unknown · Fusiondirectory

Name of the Vulnerable Software and Affected Versions: Fusiondirectory version 1.3 Description: The issue is related to improper session handling. Recommendations: For Fusiondirectory version 1.3, at the moment, there is no information about a newer version that contains a fix for this issue...

9.8CVSS7.3AI score0.01064EPSS
Exploits2References22
Vulnrichment
Vulnrichment
added 2022/11/22 12:0 a.m.6 views

CVE-2022-36179

Fusiondirectory 1.3 suffers from Improper Session Handling...

9.5AI score0.00932EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/11/22 12:0 a.m.6 views

FusionDIrectory 代码问题漏洞

FusionDIrectory is an application of FusionDIrectory open source. Used to ensure that the user's identity management security. A security vulnerability exists in FusionDIrectory version 1.3, which stems from a failure to properly handle sessions and can be exploited by an attacker to potentially...

9.8CVSS6.8AI score0.00932EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2022/11/22 12:0 a.m.4 views

PT-2022-23247 · Unknown · Fusiondirectory

Name of the Vulnerable Software and Affected Versions: Fusiondirectory version 1.3 Description: The issue concerns a Cross Site Scripting XSS vulnerability. It can be exploited via several "API Endpoints": "/fusiondirectory/index.php?message=injection",...

9.8CVSS7.2AI score0.01064EPSS
Exploits2References22
Cvelist
Cvelist
added 2022/11/22 12:0 a.m.30 views

CVE-2022-36179

Fusiondirectory 1.3 suffers from Improper Session Handling...

9.7AI score0.00932EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2022/11/22 12:0 a.m.43 views

CVE-2022-36179

Fusiondirectory 1.3 suffers from Improper Session Handling...

9.8CVSS7.2AI score0.00932EPSS
Exploits1References3
Cvelist
Cvelist
added 2022/11/22 12:0 a.m.34 views

CVE-2022-36180

Fusiondirectory 1.3 is vulnerable to Cross Site Scripting XSS via /fusiondirectory/index.php?message=injection, /fusiondirectory/index.php?message=invalidparameter&plug=Injection, /fusiondirectory/index.php?signout=1&message=injection&plug=106...

9AI score0.00882EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2022/11/22 12:0 a.m.27 views

CVE-2022-36180

Fusiondirectory 1.3 is vulnerable to Cross Site Scripting XSS via /fusiondirectory/index.php?message=injection, /fusiondirectory/index.php?message=invalidparameter&plug=Injection, /fusiondirectory/index.php?signout=1&message=injection&plug=106...

9.6CVSS7.2AI score0.00882EPSS
Exploits1References3
CVE
CVE
added 2022/11/22 12:0 a.m.66 views

CVE-2022-36180

FusionDirectory 1.3 is vulnerable to Cross-Site Scripting (XSS) via multiple endpoints: /fusiondirectory/index.php?message=[injection], /fusiondirectory/index.php?message=invalidparameter&plug={Injection], and /fusiondirectory/index.php?signout=1&message=[injection]&plug=106. The CVE is CVE-2022-...

9.6CVSS8.7AI score0.00882EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2022/11/22 12:0 a.m.72 views

CVE-2022-36179

CVE-2022-36179 affects Fusiondirectory 1.3 and is due to Improper Session Handling. The connected advisories indicate a vulnerability in Fusiondirectory 1.3 requiring a package update; Mageia MGASA-2023-0352 notes updated fusiondirectory packages fix the issues, and Debian DLA-3487/DLA-3487-1 ref...

9.8CVSS9.3AI score0.00932EPSS
Exploits1References2Affected Software1
Debian CVE
Debian CVE
added 2022/11/22 12:0 a.m.46 views

CVE-2022-36179

Fusiondirectory 1.3 suffers from Improper Session Handling...

9.8CVSS9AI score0.00932EPSS
Exploits1
Debian CVE
Debian CVE
added 2022/11/22 12:0 a.m.28 views

CVE-2022-36180

Fusiondirectory 1.3 is vulnerable to Cross Site Scripting XSS via /fusiondirectory/index.php?message=injection, /fusiondirectory/index.php?message=invalidparameter&plug=Injection, /fusiondirectory/index.php?signout=1&message=injection&plug=106...

9.6CVSS8.8AI score0.00882EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.31 views

Debian DLA-1876-1 : gosa security update

In GOsa², an LDAP web-frontend written in PHP, a vulnerability was found that could theoretically have lead to unauthorized access to the LDAP database managed with FusionDirectory. LDAP queries' result status 'Success' checks had not been strict enough. The resulting output containing the...

9.8CVSS8.1AI score0.01749EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.39 views

Debian DLA-1875-1 : fusiondirectory security update

In FusionDirectory, an LDAP web-frontend written in PHP originally derived GOsa² 2.6.x, a vulnerability was found that could theoretically lead to unauthorized access to the LDAP database managed with FusionDirectory. LDAP queries' result status 'Success' checks had not been strict enough. The...

9.8CVSS8AI score0.01749EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2019/08/12 12:0 a.m.29 views

Debian: Security Advisory (DLA-1875-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.01749EPSS
Exploits0References3
Debian
Debian
added 2019/08/11 2:11 a.m.111 views

[SECURITY] [DLA 1876-1] gosa security update

Package : gosa Version : 2.7.4+reloaded2-1+deb8u4 CVE ID : CVE-2019-11187 In GOsa², an LDAP web-frontend written in PHP, a vulnerability was found that could theoretically have lead to unauthorized access to the LDAP database managed with FusionDirectory. LDAP queries result status "Success" chec...

9.8CVSS7.2AI score0.01749EPSS
Exploits0
Debian
Debian
added 2019/08/11 2:9 a.m.129 views

[SECURITY] [DLA 1875-1] fusiondirectory security update

Package : fusiondirectory Version : 1.0.8.2-5+deb8u2 CVE ID : CVE-2019-11187 In FusionDirectory, an LDAP web-frontend written in PHP originally derived GOsa² 2.6.x, a vulnerability was found that could theoretically lead to unauthorized access to the LDAP database managed with FusionDirectory. LD...

9.8CVSS7.2AI score0.01749EPSS
Exploits0
OSV
OSV
added 2019/08/10 12:0 a.m.24 views

DLA-1875-1 fusiondirectory - security update

Bulletin has no description...

9.8CVSS9.4AI score0.01749EPSS
Exploits0
Rows per page
Query Builder