5900 matches found
HP OpenView NNM ovwebsnmpsrv.exe Invalid Option Buffer Overflow (CVE-2010-1960)
The HP OpenView product consists of a suite of network and system management software applications developed by HP. It includes several optional modules and components, such as OpenView Quality Manager, OpenView Performance Insight, and OpenView Network Node Manager. A buffer overflow vulnerabili...
Apache Struts2 ParametersInterceptor Remote Command Execution (CVE-2010-1870)
Apache Struts2 is a free framework for building Java web-based applications. A command execution vulnerability has been reported in the web application framework Apache Struts2. The vulnerability is due to insufficient input validation in the ParametersInterceptor component when parsing incoming...
Nagios XI Multiple Cross Site Request Forgery Vulnerabilities
Nagios XI is prone to multiple cross-site request-forgery vulnerabilities because the application fails to properly validate HTTP requests. Successful exploit requires that the 'nagiosadmin' be logged into the web interface. Attackers can exploit these issues to gain unauthorized access to the...
tomcat5 security update
CentOS Errata and Security Advisory CESA-2010:0580 Updated tomcat5 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS ba...
CA XOsoft Multiple Products xosoapapi.asmx Buffer Overflow (CVE-2010-1223)
CA ARCserve Backup products offer data protection for distributed servers, clients, databases and applications. They provide centralized control over a series of distributed operations including backup and restore, data migration, and threat management. A buffer overflow vulnerability has been...
Important: Red Hat Security Advisory: jbossweb security update
An updated jbossweb package that fixes two security issues is now available for JBoss Enterprise Application Platform 4.2 and 4.3 for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System...
Important: Red Hat Security Advisory: tomcat5 security update
Updated tomcat5 packages that fix three security issues are now available for Red Hat Application Server v2. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, ar...
Important: Red Hat Security Advisory: tomcat5 security update
Updated tomcat5 packages that fix one security issue are now available for Red Hat Developer Suite 3. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Important: Red Hat Security Advisory: tomcat5 security update
Updated tomcat5 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, ar...
Apache Byte-Range Filter Denial of Service (CVE-2005-2728)
Apache HTTP Server is the most widely deployed web server on the Internet. Apache HTTP Server is capable of running on Microsoft Windows and a wide variety of Unix-like platforms. The server may be run as a standalone web server, a proxy, or a reverse proxy. There exists a denial of service...
Moodle Cross Site Scripting and Cross Site Request Forgery Vulnerabilities
This host is running Moodle and is prone to Cross-Site Scripting and Cross Site Request Forgery Vulnerabilities. OpenVAS Vulnerability Test $Id: gbmoodlexssncsrfvuln.nasl 5323 2017-02-17 08:49:23Z teissa $ Moodle Cross Site Scripting and Cross Site Request Forgery Vulnerabilities Authors: Madhuri...
Moodle XSS and CSRF Vulnerabilities
Moodle is prone to cross-site scripting (XSS) and cross-site request forgery (CSRF) vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-onl...
Outlook Web Access 2007 - Cross-Site Request Forgery
Outlook Web Access 2007 - Cross-Site Request Forgery Source: http://sites.google.com/site/tentacoloviola/pwning-corporate-webmails Demo: http://www.youtube.com/watch?v=Bx-zfu0uXYg After Nduja Connection worm and the Memova issue, it's now time to shed a light on vulnerabilities affecting corporat...
Specialist Bed and Breakfast Website SQL Injection Exploit
Exploit for php platform in category web applications ========================================================== Specialist Bed and Breakfast Website SQL Injection Exploit ========================================================== !/usr/bin/python Specialist Bed and Breakfast Website SQL Injectio...
Cisco CSS Content Services Switch and ACE Application Control Engine HTTP SSL Header Spoofing Vulnerability
Cisco CSS Content Services Switch CSS, SSL Services Module SSLM, and ACE Application Control Engine ACE contain a vulnerability that could allow an authenticated, remote attacker to insert spoofed SSL headers into HTTP requests. The vulnerability exists because the affected products weakly enforc...
ShopCartDx 4.30 - products.php Blind SQL Injection
ShopCartDx 4.30 - products.php Blind SQL Injection !/usr/bin/perl 0-Day ShopCartDx /trafficdemos/shopcartdx1/ my $MemberID = shift or my $Method = HTTP::Request-newGET = $Host; my $HTTP = new LWP::UserAgent; my $Referrer = "http://www.warwolfz.org/"; my $DefaultTime = request$Referrer; sub...
webERP 3.11.4 - Multiple Vulnerabilities
webERP 3.11.4 - Multiple Vulnerabilities Title: webERP Multiple Vulnerabilities Author: ADEO Security Published: 30/06/2010 Version: 3.11.4 Possible all versions Vendor: http://www.weberp.org Description: "webERP is a complete web based accounting/ERP system that requires only a web-browser and p...
Snare Agent web interface cross-site request forgery vulnerabilities
Overview The Snare Agent web interface is susceptible to cross-site request forgery attacks. Description The web interface allows the administrator to manage several agent settings, including changing the listening port and password. These HTTP requests do not perform proper validity checks and a...
CVE-2010-2465
The S2 Security NetBox 2.5, 3.3, and 4.0, as used in the Linear eMerge 50 and 5000 and the Sonitrol eAccess, stores sensitive information under the web root with insufficient access control, which allows remote attackers to download node logs, photographs of persons, and backup files via...
Improper access control
The S2 Security NetBox 2.5, 3.3, and 4.0, as used in the Linear eMerge 50 and 5000 and the Sonitrol eAccess, stores sensitive information under the web root with insufficient access control, which allows remote attackers to download node logs, photographs of persons, and backup files via...