Lucene search
K

369 matches found

BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.7 views

The vulnerability of the enterprise automation system 1C:Enterprise, which allows a malicious individual to cause service failures

The automation system of the enterprise 1C:Enterprise contains a vulnerability in the Fast Infoset decoder library for working with XML documents xml2.dll. A malicious individual, by manipulating input data, can set the Fast Infoset decoder to the DOCUMENTCHARACTERENCODINGSCHEME state processing...

7.8CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/12/15 12:0 a.m.5 views

The vulnerability of the AMS Device Manager system allows a perpetrator to increase their privileges.

The vulnerability of the AMS Device Manager system control mechanism is related to the lack of protection for the SQL query structure. Exploiting this vulnerability allows an attacker to enhance their privileges by making incorrect data inputs remotely...

6.5CVSS5.6AI score0.01332EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/08/07 12:0 a.m.8 views

The vulnerability of the Moodle learning management system allows a hacker to execute arbitrary web or HTML code.

The vulnerability of the mod/quiz/report/statistics/statisticsquestiontable.php component of the Moodle learning management system exists due to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary web or HTML code ...

3.5CVSS5.9AI score0.01459EPSS
Exploits0References4Affected Software1
seebug.org
seebug.org
added 2015/06/26 12:0 a.m.30 views

CmsEasy getshell(略鸡肋)

简要描述: rt 详细说明: 利用条件:文章必须通过后台审核(必须列表审核),有点鸡肋了。 CmsEasy\lib\default\archiveact.php: 411行 showaction函数 里有句 if front::get't' == 'wap' $tpl = category::gettemplate$this-view-catid, 'showtemplatewap'; if!$tpl $tpl = 'wap/show.html'; $this-out$tpl; return; if $template && fileexistsTEMPLATE . '/'...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2014/10/03 12:0 a.m.70 views

WordPress BulletProof Security 50.8 Script Insertion

Document Title: =============== BulletProof Security Wordpress v50.8 - POST Inject Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1326 Release Date: ============= 2014-09-30 Vulnerability Laboratory ID VL-ID:...

Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.58 views

SpagoBI 4.0 - Persistent XSS Vulnerability

No description provided by source. 01. Advisory Information Title: Persistent Cross-Site Scripting XSS in SpagoBI Date published: 2014-03-01 Date of last update: 2014-03-01 Vendors contacted: Engineering Group Discovered by: Christian Catalano Severity: High 02. Vulnerability Information CVE...

3.5CVSS6.5AI score0.03655EPSS
Exploits7
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.39 views

SpagoBI 4.0 - Persistent HTML Script Insertion

No description provided by source. 01. Advisory Information Title: Persistent HTML Script Insertion permits offsite-bound forms Date published: 2014-03-01 Date of last update: 2014-03-01 Vendors contacted: Engineering Group Discovered by: Christian Catalano Severity: Medium 02. Vulnerability...

4.3CVSS6.5AI score0.03223EPSS
Exploits7
Opera Security Advisories
Opera Security Advisories
added 2014/05/12 12:0 a.m.9 views

Possibly Tricking Users – The Perils of Drag n Drop Decadence

Security Possibly Tricking Users – The Perils of Drag n Drop Decadence Share May 12th, 2014 In the recent Opera 21 Stable release, we fixed a number of bugs relating to the address field. Normally, we would not want to give away too much about a security issue, as it would give a potential attack...

8.8CVSS7.2AI score0.01654EPSS
Exploits4References1
securityvulns
securityvulns
added 2014/05/05 12:0 a.m.138 views

[CVE-2014-2531] SQL injection in InterWorx Web Control Panel <= 5.0.13

================================================= Title: SQL injection in InterWorx Control Panel Product: InterWorx Web Control Panel Vendor: InterWorx LLC Tested Version: 5.0.13 build 574 Vulnerability Type: SQL Injection CWE-89 CVE Reference: CVE-2014-2531 Solution Status: Fixed in Version...

6.5CVSS7.5AI score0.01123EPSS
Exploits6
0day.today
0day.today
added 2014/03/04 12:0 a.m.69 views

SpagoBI 4.0 - Persistent XSS Vulnerability

Exploit for php platform in category web applications 1. Vulnerability Information CVE reference: CVE-2013-6232 CVSS v2 Base Score: 4 CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:P/A:N Component/s: SpagoBI Class: Input Manipulation 2. Introduction SpagoBI1 is an Open Source Business Intelligence suite,...

7.1AI score0.03655EPSS
Exploits7
exploitpack
exploitpack
added 2014/03/03 12:0 a.m.89 views

SpagoBI 4.0 - Persistent HTML Script Insertion

SpagoBI 4.0 - Persistent HTML Script Insertion 01. Advisory Information Title: Persistent HTML Script Insertion permits offsite-bound forms Date published: 2014-03-01 Date of last update: 2014-03-01 Vendors contacted: Engineering Group Discovered by: Christian Catalano Severity: Medium 02...

4.3CVSS6.4AI score0.03223EPSS
Exploits7
Exploit DB
Exploit DB
added 2014/03/03 12:0 a.m.48 views

SpagoBI 4.0 - Arbitrary Cross-Site Scripting / Arbitrary File Upload

Advisory Information Title: XSS File Upload Date published: 2014-03-01 Date of last update: 2014-03-01 Vendors contacted: Engineering Group Discovered by: Christian Catalano Severity: Medium 02. Vulnerability Information CVE reference: CVE-2013-6234 CVSS v2 Base Score: 4 CVSS v2 Vector:...

8CVSS7.9AI score0.06706EPSS
Exploits6
Exploit DB
Exploit DB
added 2014/03/03 12:0 a.m.42 views

SpagoBI 4.0 - Persistent HTML Script Insertion

Advisory Information Title: Persistent HTML Script Insertion permits offsite-bound forms Date published: 2014-03-01 Date of last update: 2014-03-01 Vendors contacted: Engineering Group Discovered by: Christian Catalano Severity: Medium 02. Vulnerability Information CVE reference: CVE-2013-6233...

4.3CVSS6.9AI score0.03223EPSS
Exploits7
Packet Storm
Packet Storm
added 2014/03/02 12:0 a.m.63 views

SpagoBI 4.0 Stored Cross Site Scripting

Advisory Information Title: Persistent Cross-Site Scripting XSS in SpagoBI Date published: 2014-03-01 Date of last update: 2014-03-01 Vendors contacted: Engineering Group Discovered by: Christian Catalano Severity: High 02. Vulnerability Information CVE reference: CVE-2013-6232 CVSS v2 Base...

3.5CVSS6.5AI score0.03655EPSS
Exploits7
Packet Storm
Packet Storm
added 2014/02/28 12:0 a.m.55 views

SpagoBI 4.0 Privilege Escalation

Advisory Information Title: Remote Privilege Escalation in SpagoBI Date published: 2013-02-28 Date of last update: 2013-02-28 Vendors contacted: Engineering Group Discovered by: Christian Catalano Severity: High 02. Vulnerability Information CVE reference: CVE-2013-6231 CVSS v2 Base Score: 9...

0.7AI score0.09881EPSS
Exploits7
0day.today
0day.today
added 2014/02/28 12:0 a.m.62 views

SpagoBI 4.0 - Privilege Escalation Vulnerability

Exploit for multiple platform in category web applications 01. Advisory Information Title: Remote Privilege Escalation in SpagoBI Date published: 2013-02-28 Date of last update: 2013-02-28 Vendors contacted: Engineering Group Discovered by: Christian Catalano Severity: High 02. Vulnerability...

0.6AI score0.09881EPSS
Exploits7
exploitpack
exploitpack
added 2014/02/28 12:0 a.m.72 views

SpagoBI 4.0 - Privilege Escalation

SpagoBI 4.0 - Privilege Escalation 01. Advisory Information Title: Remote Privilege Escalation in SpagoBI Date published: 2013-02-28 Date of last update: 2013-02-28 Vendors contacted: Engineering Group Discovered by: Christian Catalano Severity: High 02. Vulnerability Information CVE reference:...

9CVSS0.7AI score0.09881EPSS
Exploits7
securityvulns
securityvulns
added 2014/02/03 12:0 a.m.88 views

[CVE-2013-6235] - Multiple Reflected XSS vulnerabilities in JAMon v2.7

Advisory Information Title: Multiple Reflected XSS vulnerabilities in JAMon Date published: 2013-01-23 Date of last update: 2013-01-23 Vendors contacted: JAMon v 2.7 Discovered by: Christian Catalano Severity: Low 02. Vulnerability Information CVE reference: CVE-2013-6235 CVSS v2 Base Score:...

4.3CVSS0.02232EPSS
Exploits2
Packet Storm
Packet Storm
added 2014/01/24 12:0 a.m.60 views

JAMon 2.7 Cross Site Scripting

Advisory Information Title: Multiple Reflected XSS vulnerabilities in JAMon Date published: 2013-01-23 Date of last update: 2013-01-23 Vendors contacted: JAMon v 2.7 Discovered by: Christian Catalano Severity: Low 02. Vulnerability Information CVE reference: CVE-2013-6235 CVSS v2 Base Score:...

4.3CVSS6.5AI score0.02232EPSS
Exploits2
OpenVAS
OpenVAS
added 2013/03/20 12:0 a.m.16 views

Joomla RSfiles SQLi Vulnerabilities

Joomla RSfiles is prone to SQL injection SQLi vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:joomla:joomla";...

5.6AI score
Exploits0References5
Rows per page
Query Builder