Javascript Injection in Microsoft Lync 4.0.7577.0
============================================================================ Foofus.net Security Advisory: foofus-20110610 ============================================================================ Title: Javascript Injection in Microsoft Lync Version: 4.0.7577.0 Vendor: Microsoft Release Date:...
Microsoft Lync 4.0.7577.0 Javascript Injection
============================================================================ Foofus.net Security Advisory: foofus-20110610 ============================================================================ Title: Javascript Injection in Microsoft Lync Version: 4.0.7577.0 Vendor: Microsoft Release Date:...
Squiz Matrix 4.0.6 / 4.2.2 Cross Site Scripting
Squiz Matrix - Cross-Site Scripting Vulnerability http://www.osisecurity.com.au/advisories/squiz-matrix-cross-site-scripting Release Date: 06-Jun-2011 Software: Squiz - Matrix http://www.squiz.net/ "Squiz Matrix delivers highly flexible and robust business integration engine and application...
Geek.com Hacked, Found Hosting Exploit Kit
The security geeks at Geek.com were busy this weekend, after Web security firm Zscaler found evidence that an exploit kit was using malicious iframe attacks to try to attack visitors to the company’s Web site, according to a Zscaler report Sunday. A post on the web security firm’s blog indicated...
[SECURITY] CVE-2011-0533: Apache Continuum cross-site scripting vulnerability
CVE-2011-0533: Apache Continuum cross-site scripting vulnerability Severity: Important Vendor: The Apache Software Foundation Versions Affected: Continuum 1.3.6 Continuum 1.4.0 Beta The unsupported versions Continuum 1.1 - 1.2.3.1 are also affected. Description: A request that included a speciall...
Habari Blog - Multiple Vulnerabilities
Vulnerability ID: HTB22732 Reference: http://www.htbridge.ch/advisory/pathdisclosureinhabari.html Product: Habari Vendor: Habari http://habariproject.org/en/ Vulnerable Version: 0.6.5 Vendor Notification: 02 December 2010 Vulnerability Type: Path disclosure Status: Fixed by Vendor Risk level: Low...
Embedded Video WordPress Plugin Cross Site Vulnerability (XSS) - CVE-2010-4277
Dear List, I'm writing on behalf of the Check Point Vulnerability Discovery Team to publish the following vulnerability. Check Point Software Technologies - Vulnerability Discovery Team VDT http://www.checkpoint.com/defense/ Embedded Video WordPress Plugin Cross Site Scripting Vulnerability...
YUI JavaScript library -- JavaScript injection exploits in Flash components
The YUI team reports: A security-related defect was introduced in the YUI 2 Flash component infrastructure beginning with the YUI 2.4.0 release. This defect allows JavaScript injection exploits to be created against domains that host affected YUI .swf files...
Oracle Sun Java System Web Server - HTTP Response Splitting
Oracle Sun Java System Web Server - HTTP Response Splitting Description Security-Assessment.com discovered that it is possible to successfully perform an HTTP Response Splitting attack against applications served by Sun Java System Web Server. The vulnerability can be exploited if user supplied inpu...
Joomla Restaurant Guide Cross Site Scripting / Local File Inclusion / SQL Injection
Exploit Title: Joomla Component comrestaurantguide Multiple Vulnerabilities Date: 18.09.2010 Author: Valentin Category: webapps/0day Version: 1.0.0 Tested on: Debian lenny, Apache2, MySQL 5, Joomla 1.5.x CVE : Code : :::::::::::::::::::::::::::::::::::::: 0x1 :::::::::::::::::::::::::::::::::::::...
WordPress Plugin Events Manager Extended - Persistent Cross-Site Scripting
WordPress Plugin Events Manager Extended - Persistent Cross-Site Scripting Author: Craw Email: [email protected] Software Link: http://wordpress.org/extend/plugins/events-manager-extended/ Version: 3.1.2 Category: webapplications ======================================================= + ExploiT 1 ...
E-Bay Cross Site Scripting
http://donations.ebay.com/charity/charity.jsp?NPID=40219&name= "alert'XSS' http://worldofgood.ebay.com/Handmade-Jewelry-Earrings-Necklaces-Rings/47/list ?"alert'XSS' http://worldofgood.ebay.com/list?" http://sea.ebay.com/searchAnnoucement.php?time= "alertdocument.cookie...
Rekonq 0.5 Cross Site Scripting
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Nth Dimension Security Advisory NDSA20100818 Date: 18th August 2010 Author: Tim Brown URL: / Product: Rekonq 0.5 Vendor: Andrea Diamantini Risk: Medium Summary The Rekonq web browser is vulnerable to Javascript injection in a number of components of...
Medium security hole in Rekonq web browser
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Nth Dimension Security Advisory NDSA20100818 Date: 18th August 2010 Author: Tim Brown mailto:[email protected] URL: http://www.nth-dimension.org.uk/ / http://www.machine.org.uk/ Product: Rekonq 0.5 http://rekonq.sourceforge.net/ Vendor: Andr...
iScripts EasyBiller - Cross-Site Scripting
iScripts EasyBiller - Cross-Site Scripting $------------------------------------------------------------------------------------------------------------------- $ iScripts EasyBiller Cross Site Scripting Vulnerabilities $ Author : Sangteamtham $ Home : Hcegroup.net $ Download :...
iScripts EasyBiller - Cross-Site Scripting
$------------------------------------------------------------------------------------------------------------------- $ iScripts EasyBiller Cross Site Scripting Vulnerabilities $ Author : Sangteamtham $ Home : Hcegroup.net $ Download : http://www.iscripts.com/easybiller/ $ Date : 02/07/2010 $ Emai...
CVE-2010-0541 Ruby WEBrick javascript injection flaw
Cross-site scripting XSS vulnerability in the WEBrick HTTP server in Ruby in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows remote attackers to inject arbitrary web script or HTML via a crafted URI that triggers a UTF-7 error page...
Paessler - PRTG Traffic Grapher XSS
aushack.com - Vulnerability Advisory ----------------------------------------------- Release Date: 08-Jun-2010 Software: Paessler - PRTG Traffic Grapher http://www.paessler.com "PRTG Network Monitor runs 24/7 on a Windows-based machine within your network, recording network usage parameters...
Paessler PRTG Traffic Grapher 6.2.1.945 Cross Site Scripting
aushack.com - Vulnerability Advisory ----------------------------------------------- Release Date: 08-Jun-2010 Software: Paessler - PRTG Traffic Grapher http://www.paessler.com "PRTG Network Monitor runs 24/7 on a Windows-based machine within your network, recording network usage parameters...
Google Chrome 4.1.249.1059 Cross Origin Bypass
Google Chrome 4.1.249.1059 Cross Origin Bypass in Google URL GURL CVE-ID: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1663 Author: Jordi Chancel Software Link: http://googlechromereleases.blogspot.com/2010/04/stable-update-bug-and-security-fixes.html Description: The Google URL Parsing...