47 matches found
CVE-2013-3041
IBM Rational ClearQuest Web Client contains a JSON Hijacking vulnerability (CVE-2013-3041) that could allow remote attackers to disclose sensitive information from the client–server data stream. Affected are ClearQuest Web: 7.1.x before 7.1.2.12, 8.0.x before 8.0.0.8, and 8.0.1.x before 8.0.1.1. ...
CVE-2013-3041
The Web Client in IBM Rational ClearQuest 7.1 before 7.1.2.12, 8.0 before 8.0.0.8, and 8.0.1 before 8.0.1.1 allows remote attackers to obtain sensitive information from the client-server data stream via unspecified vectors associated with a "JSON hijacking attack."...
[IronWASP v0.9.6.5] Open Source Advanced Web Security Testing Platform
IronWASP (Iron Web application Advanced Security testing Platform) is an open source system for web application vulnerability testing. It is designed to be customizable to the extent where users can create their own custom security scanners using it. Though an advanced user with Python/Ruby scripti...
IE generic JSON hijacking vulnerabilities-vulnerability warning-the black bar safety net
Brief description: Improper handling of certain resource container data leads to JSON hijacking vulnerabilities. Detailed description: Since IE supports VBScript, the script element may be set to the VBScript language: script language=vbscript/script When but we specify that a js...
Spree e-commerce JSON Hijacking Vulnerabilities - CVE-2010-3978
Dear List, I'm writing on behalf of the Check Point Vulnerability Discovery Team to publish the following vulnerability. Check Point Software Technologies - Vulnerability Discovery Team VDT http://www.checkpoint.com/defense/ Spree e-commerce JSON Hijacking Vulnerabilities CVE-2010-3978 INTRODUCTI...
Gmail JSON Hijacking Proof Of Concept
Gmail Thief by 80vul.com @import url"http://www.google.com/igrestore"; function showMailgt var w = document.styleSheets0.imports1.cssText; var re = new RegExp"accountidx3d.+?""; var reRes = re.execw; if reRes document.getElementById"whom".innerText = reRes1; var e =...
JSON Hijacking of use as well as Web API security-vulnerability warning-the black bar safety net
by: cosine JSON Hijacking what role, as a black brother said, You can CSRF to give the user privacy data: a. The principle of the last presentation, first take an attack example, take the meal to do an experiment. First of all, we see this: http://help.fanfou.com/api.html. Rice no API. Wherein:...