Lucene search
K

112 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2019/09/18 5:15 p.m.23 views

Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Intelligent Operations Center (CVE-2019-4271)

Summary IBM WebSphere Application Server is shipped with IBM Intelligent Operations Center. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Consult the security bulletin, Security Bulletin: HTTP...

3.5CVSS0.6AI score0.00819EPSS
Exploits0Affected Software2
Prion
Prion
added 2019/09/17 7:15 p.m.10 views

Code injection

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin console is vulnerable to a Client-side HTTP parameter pollution vulnerability. IBM X-Force ID: 160243...

3.5CVSS3.7AI score0.00819EPSS
Exploits0References2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/09/17 2:12 p.m.20 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Business Monitor (CVE-2019-4271)

Summary IBM WebSphere Application Server is shipped as a component of Business Monitor. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Please consult the security bulletin HTTP Parameter Pollution...

3.5CVSS1.1AI score0.00819EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/09/03 4:3 p.m.17 views

Security Bulletin: HTTP Parameter Pollution and XSS vulnerability in WebSphere Application Server Admin Console ND (CVE-2019-4271)

Summary There is a Client-side HTTP parameter pollution vulnerability and a Cross-site scripting vulnerability in WebSphere Application Server Admin Console. Vulnerability Details CVEID: CVE-2019-4271 DESCRIPTION: IBM WebSphere Application Server Admin console is vulnerable to a Client-side HTTP...

3.5CVSS0.4AI score0.00819EPSS
Exploits0Affected Software2
OSV
OSV
added 2019/08/06 6:15 p.m.3 views

CVE-2019-13143

An HTTP parameter pollution issue was discovered on Shenzhen Dragon Brothers Fingerprint Bluetooth Round Padlock FB50 2.3. With the user ID, user name, and the lock's MAC address, anyone can unbind the existing owner of the lock, and bind themselves instead. This leads to complete takeover of the...

9.8CVSS5.8AI score0.03061EPSS
Exploits1References1
NVD
NVD
added 2019/08/06 6:15 p.m.23 views

CVE-2019-13143

An HTTP parameter pollution issue was discovered on Shenzhen Dragon Brothers Fingerprint Bluetooth Round Padlock FB50 2.3. With the user ID, user name, and the lock's MAC address, anyone can unbind the existing owner of the lock, and bind themselves instead. This leads to complete takeover of the...

9.8CVSS9AI score0.03061EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2019/08/06 6:15 p.m.1 views

CVE-2019-13143

An HTTP parameter pollution issue was discovered on Shenzhen Dragon Brothers Fingerprint Bluetooth Round Padlock FB50 2.3. With the user ID, user name, and the lock's MAC address, anyone can unbind the existing owner of the lock, and bind themselves instead. This leads to complete takeover of the...

9.8CVSS5.6AI score0.03061EPSS
Exploits1References3
Prion
Prion
added 2019/08/06 6:15 p.m.15 views

Buffer overflow

An HTTP parameter pollution issue was discovered on Shenzhen Dragon Brothers Fingerprint Bluetooth Round Padlock FB50 2.3. With the user ID, user name, and the lock's MAC address, anyone can unbind the existing owner of the lock, and bind themselves instead. This leads to complete takeover of the...

9CVSS8.7AI score0.03061EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/08/06 5:38 p.m.22 views

CVE-2019-13143

An HTTP parameter pollution issue was discovered on Shenzhen Dragon Brothers Fingerprint Bluetooth Round Padlock FB50 2.3. With the user ID, user name, and the lock's MAC address, anyone can unbind the existing owner of the lock, and bind themselves instead. This leads to complete takeover of the...

9AI score0.03061EPSS
Exploits1References1
CVE
CVE
added 2019/08/06 5:38 p.m.46 views

CVE-2019-13143

CVE-2019-13143 affects Shenzhen Dragon Brothers Fingerprint Bluetooth Round Padlock FB50 v2.3. The issue is an HTTP parameter pollution vulnerability that allows an attacker to unbind the current lock owner and bind themselves using the user ID, user name, and the lock MAC address exposed via And...

9.8CVSS8.9AI score0.03061EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2019/08/06 12:0 a.m.4 views

PT-2019-13151 · Shenzhen Dragon Brothers · Shenzhen Dragon Brothers Fingerprint Bluetooth Round Padlock Fb50

Name of the Vulnerable Software and Affected Versions: Shenzhen Dragon Brothers Fingerprint Bluetooth Round Padlock FB50 version 2.3 Description: An HTTP parameter pollution issue allows attackers to unbind the existing owner of the lock and bind themselves instead, leading to complete takeover o...

9.8CVSS8.7AI score0.03061EPSS
Exploits1References4
Hacker One
Hacker One
added 2018/07/17 10:25 p.m.38 views

Soleo: Directory Traversal + HTTP Paramater Pollution leaking SQL/LDAP credentials

Upon visiting the login page of a provider’s IP Relay client, we noticed that if someone were to click the “forgot password” link, it would bring them to a URL which appeared as the following: https://./IPRelayApp/servlet/IPRelay?page=forgotPassword When attempting to modify the "page" GET...

7.5AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/07/09 9:13 p.m.14 views

carsforsale.motortrend.com XSS vulnerability

Open Bug Bounty ID: OBB-643617 Description| Value ---|--- Affected Website:| carsforsale.motortrend.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
Openbugbounty
Openbugbounty
added 2018/05/22 2:56 p.m.12 views

manuales.cursoscnc.com XSS vulnerability

Open Bug Bounty ID: OBB-620244 Description| Value ---|--- Affected Website:| manuales.cursoscnc.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
Openbugbounty
Openbugbounty
added 2018/05/21 10:7 p.m.11 views

usnewsglobaleducation.com XSS vulnerability

Open Bug Bounty ID: OBB-619845 Description| Value ---|--- Affected Website:| usnewsglobaleducation.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
Openbugbounty
Openbugbounty
added 2018/05/21 5:57 p.m.16 views

dredge7inn.com XSS vulnerability

Open Bug Bounty ID: OBB-619668 Description| Value ---|--- Affected Website:| dredge7inn.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
Openbugbounty
Openbugbounty
added 2018/04/27 1:40 p.m.9 views

fallbrookchamberofcommerce.org XSS vulnerability

Open Bug Bounty ID: OBB-609322 Description| Value ---|--- Affected Website:| fallbrookchamberofcommerce.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.2AI score
Exploits0
Hacker One
Hacker One
added 2018/04/09 11:45 p.m.22 views

Slack: HTTP parameter pollution from outdated Greenhouse.io JS dependency

Slack's career page was using an outdated Greenhouse JavaScript dependency which resulted in an HTTP parameter pollution vulnerability. This would have allowed the loading of external Greenhouse forms not owned by Slack. We updated the Javascript and the issue is resolved. Thanks @irvinlim! The...

0.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/04/05 12:11 a.m.12 views

gbstamp.co.uk XSS vulnerability

Open Bug Bounty ID: OBB-597261 Description| Value ---|--- Affected Website:| gbstamp.co.uk Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
NVD
NVD
added 2018/02/15 10:29 p.m.23 views

CVE-2016-8535

A remote HTTP parameter Pollution vulnerability in HPE Matrix Operating Environment version 7.6 was found...

3.5CVSS4.2AI score0.0061EPSS
Exploits0References1
Rows per page
Query Builder