Lucene search
K

142 matches found

Oracle linux
Oracle linux
added 2022/03/24 12:0 a.m.99 views

httpd security update

2.4.6-97.0.5.5 - modsession: save one aprstrtok Orabug: 33338149CVE-2021-26690 - replace index.html with Oracle's index page oracleindex.html 2.4.6-97.5 - Resolves: 2065243 - CVE-2022-22720 httpd: HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier...

9.8CVSS0.4AI score0.65067EPSS
Exploits0
Oracle linux
Oracle linux
added 2022/01/25 12:0 a.m.142 views

httpd:2.4 security update

httpd 2.4.37-43.1.0.1 - scoreboard: fix null pointer deference Orabug: 33690670CVE-2021-34798 - fix apescapequote logic Orabug: 33690686CVE-2021-39275 - Set vstring per ORACLESUPPORTPRODUCT Orabug: 29892262 - Replace index.html with Oracle's index page oracleindex.html. 2.4.37-43.1 - Resolves:...

9.8CVSS1.1AI score0.97108EPSS
Exploits6
Prion
Prion
added 2022/01/20 5:15 p.m.17 views

Cross site scripting

Cross Site Scripting XSS vulnerability exists in index.html in AFI WebACMS through 2.1.0 via the the ID parameter...

4.3CVSS6AI score0.01606EPSS
Exploits3References5Affected Software1
CVE
CVE
added 2022/01/20 4:24 p.m.65 views

CVE-2021-44829

CVE-2021-44829 applies to AFI Solutions WebACMS (Product: WebACMS, Vendor: AFI Solutions GmbH) up to version 2.1.0. The vulnerability is a Cross-Site Scripting (CWE-79) present in index.html exposed via the ID parameter. Root cause is input data not properly sanitized, enabling execution of clien...

6.1CVSS5.9AI score0.01606EPSS
Exploits3References5Affected Software1
Oracle linux
Oracle linux
added 2021/10/14 12:0 a.m.94 views

httpd security update

2.4.6-97.0.1.1 - replace index.html with Oracle's index page oracleindex.html 2.4.6-97.1 - Resolves: 2011729 - CVE-2021-40438 httpd: modproxy: SSRF via a crafted request uri-path containing 'unix:'...

9CVSS1.4AI score0.99999EPSS
Exploits5
Oracle linux
Oracle linux
added 2021/10/13 12:0 a.m.82 views

httpd:2.4 security update

httpd 2.4.37-39.1.0.1.1 - Set vstring per ORACLESUPPORTPRODUCT Orabug: 29892262 - Replace index.html with Oracle's index page oracleindex.html 2.4.37-39.1 - Resolves: 2007234 - CVE-2021-40438 httpd:2.4/httpd: modproxy: SSRF via a crafted request uri-path - Resolves: 2007646 - CVE-2021-26691...

9.8CVSS1.7AI score0.99999EPSS
Exploits5
Packet Storm
Packet Storm
added 2020/02/10 12:0 a.m.175 views

Google Invisible RECAPTCHA 3 Spoof Bypass

Exploit Title: Google Invisible RECAPTCHA 3 - Spoof Bypass Date: 2020-02-07 Vendor Homepage: https://developers.google.com/recaptcha/docs/invisible Exploit Git Repo: https://github.com/matamorphosis/Browser-Exploits/tree/master/RECAPTCHABypass Exploit Author: Matamorphosis Tested on: Windows and...

0.2AI score
Exploits0
Oracle linux
Oracle linux
added 2019/08/13 12:0 a.m.147 views

httpd security and bug fix update

2.4.6-90.0.1 - replace index.html with Oracles index page oracleindex.html Resolves: 1566317 - CVE-2018-1312 httpd: Weak Digest auth nonce generation in modauthdigest - Resolves: 1696141 - CVE-2019-0217 httpd: modauthdigest: access control bypass due to race condition - Resolves: 1696096 -...

9.8CVSS0.8AI score0.1786EPSS
Exploits0
Cvelist
Cvelist
added 2019/08/09 12:31 p.m.47 views

CVE-2019-14312

Aptana Jaxer 1.0.3.4547 is vulnerable to a local file inclusion vulnerability in the wikilite source code viewer. This vulnerability allows a remote attacker to read internal files on the server via a tools/sourceViewer/index.html?filename=../ URI...

6.3AI score0.20586EPSS
Exploits5References2
Oracle linux
Oracle linux
added 2019/07/30 12:0 a.m.224 views

httpd security update

2.4.6-89.0.1 - replace index.html with Oracle's index page oracleindex.html 2.4.6-89.1 - Resolves: 1719722 - CVE-2018-1312 httpd: Weak Digest auth nonce generation in modauthdigest...

9.8CVSS0.6AI score0.15885EPSS
Exploits0
OSV
OSV
added 2019/07/23 12:15 p.m.16 views

CVE-2019-14240

WCMS v0.3.2 has a CSRF vulnerability, with resultant directory traversal, to modify index.html via the /wex/html.php?finish=../index.html URI...

8.1CVSS6.8AI score
Exploits0References1
NVD
NVD
added 2019/07/23 12:15 p.m.19 views

CVE-2019-14240

WCMS v0.3.2 has a CSRF vulnerability, with resultant directory traversal, to modify index.html via the /wex/html.php?finish=../index.html URI...

8.1CVSS8.1AI score0.00844EPSS
Exploits0References1
Prion
Prion
added 2019/07/23 12:15 p.m.13 views

Design/Logic Flaw

WCMS v0.3.2 has a CSRF vulnerability, with resultant directory traversal, to modify index.html via the /wex/html.php?finish=../index.html URI...

5.8CVSS7.9AI score0.00844EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/07/23 11:51 a.m.47 views

CVE-2019-14240

Summary: WCMS v0.3.2 contains a CSRF vulnerability that enables directory traversal to modify the homepage (index.html) via the URI /wex/html.php?finish=../index.html. The issue resides in the web editor component (wex/html.php) and does not require authentication, enabling potential unauthorized...

8.1CVSS8AI score0.00844EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/07/23 11:51 a.m.20 views

CVE-2019-14240

WCMS v0.3.2 has a CSRF vulnerability, with resultant directory traversal, to modify index.html via the /wex/html.php?finish=../index.html URI...

8.1AI score0.00844EPSS
Exploits0References1
Exploit DB
Exploit DB
added 2019/05/22 12:0 a.m.393 views

Horde Webmail 5.2.22 - Multiple Vulnerabilities

Title: Horde Webmail - XSS + CSRF to SQLi, RCE, Stealing Emails var url = "http://webmail.victimserver.com/trean/"; var params =...

8.8CVSS7.4AI score0.01536EPSS
Exploits7
Kitploit
Kitploit
added 2019/05/02 9:47 p.m.124 views

DumpTheGit - Searches Through Public Repositories To Find Sensitive Information Uploaded To The Github Repositories

DumpTheGit searches through public repositories to find sensitive information uploaded to the Github repositories. The tool will flag the matches for potentially sensitive files like credentials, secret keys, tokens etc which have been accidentally uploaded by the developers. DumpTheGit just...

7AI score
Exploits0References2
Github Security Blog
Github Security Blog
added 2019/04/02 3:46 p.m.31 views

Moderate severity vulnerability that affects total.js

Total.js CMS 12.0.0 has XSS related to themes/admin/views/index.html item.message and themes/admin/public/ui.js column.format...

6.1CVSS2.4AI score0.00905EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2019/03/28 4:24 p.m.35 views

CVE-2019-10260

Total.js CMS 12.0.0 has XSS related to themes/admin/views/index.html item.message and themes/admin/public/ui.js column.format...

6AI score0.00905EPSS
Exploits0References2
CVE
CVE
added 2019/03/28 4:24 p.m.51 views

CVE-2019-10260

Total.js CMS 12.0.0 is affected by a Cross-Site Scripting (XSS) vulnerability in the admin UI: item.message handling in themes/admin/views/index.html and column.format handling in themes/admin/public/ui.js. The connected sources consistently identify the vulnerable components but do not provide a...

6.1CVSS5.9AI score0.00905EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder