Lucene search
K

113 matches found

OSV
OSV
added 2020/09/03 9:15 p.m.2 views

CVE-2020-1890

A URL validation issue in WhatsApp for Android prior to v2.20.11 and WhatsApp Business for Android prior to v2.20.2 could have caused the recipient of a sticker message containing deliberately malformed data to load an image from a sender-controlled URL without user interaction...

7.5CVSS5.8AI score
Exploits0References1
RedHat Linux
RedHat Linux
added 2020/07/21 2:52 p.m.5 views

mod_auth_openidc: Open redirect issue exists in URLs with slash and backslash

An open redirect flaw was discovered in modauthopenidc where it handles logout redirection. The module does not correctly validate the URL, allowing a URL with slash and backslash at the beginning to bypass the protection checks. A victim user may be tricked into visiting a trusted vulnerable web...

6.1CVSS5.7AI score0.01893EPSS
Exploits0References4
NVD
NVD
added 2019/11/26 5:15 p.m.17 views

CVE-2019-18454

An issue was discovered in GitLab Community and Enterprise Edition 10.5 through 12.4 in link validation for RDoc wiki pages feature. It has XSS...

6.1CVSS6AI score0.00691EPSS
Exploits0References2
Prion
Prion
added 2019/11/26 5:15 p.m.18 views

Cross site scripting

An issue was discovered in GitLab Community and Enterprise Edition 10.5 through 12.4 in link validation for RDoc wiki pages feature. It has XSS...

4.3CVSS6.3AI score0.00691EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/11/26 4:31 p.m.21 views

CVE-2019-18454

An issue was discovered in GitLab Community and Enterprise Edition 10.5 through 12.4 in link validation for RDoc wiki pages feature. It has XSS...

6.7AI score0.00691EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2019/11/26 4:31 p.m.22 views

CVE-2019-18454

Removed by vendor...

6.1CVSS6.3AI score0.00691EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2019/10/16 12:0 a.m.3 views

Vulnerabilities of browsers Firefox, Firefox ESR, and the email client Thunderbird, due to insufficient validation of input data, allow attackers to access confidential information.

The vulnerabilities of Firefox browsers, Firefox ESR, and the Thunderbird email client are related to the lack of data validation during the creation of hyperlinks in tabs, as well as when the link is later dragged into the web content area. Exploiting these vulnerabilities can allow an attacker ...

5.3CVSS5.5AI score0.01392EPSS
Exploits0References8Affected Software6
OSV
OSV
added 2019/08/15 12:0 a.m.7 views

UBUNTU-CVE-2019-9850

LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on...

9.8CVSS7.4AI score0.0337EPSS
Exploits0References6
OSV
OSV
added 2018/11/13 8:29 p.m.3 views

CVE-2018-2476

Due to insufficient URL Validation in forums in SAP NetWeaver versions 7.30, 7.31, 7.40, an attacker can redirect users to a malicious site...

6.1CVSS5.8AI score0.00963EPSS
Exploits0References3
OSV
OSV
added 2017/04/17 9:59 p.m.4 views

CVE-2017-1161

IBM API Connect 5.0.6.0 could allow a remote attacker to execute arbitrary commands on the system, caused by improper validation of URLs for the Developer Portal. By crafting a malicious URL, an attacker could exploit this vulnerability to execute arbitrary commands on the system with the...

7.3CVSS6.1AI score0.01495EPSS
Exploits0References2
PyPA
PyPA
added 2015/03/25 2:59 p.m.5 views

PYSEC-2015-9

The utils.http.issafeurl function in Django before 1.4.20, 1.5.x, 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1 does not properly validate URLs, which allows remote attackers to conduct cross-site scripting XSS attacks via a control character in a URL, as demonstrated by a...

4.3CVSS6.1AI score0.0499EPSS
Exploits0References11Affected Software1
exploitpack
exploitpack
added 2013/01/28 12:0 a.m.6397 views

PHP weby directory software 1.2 - Multiple Vulnerabilities

PHP weby directory software 1.2 - Multiple Vulnerabilities =========================================== Vulnerable Software: PHP Weby directory software version 1.2 Vendor: http://phpweby.com Download: htp://phpweby.com/down/phpwebydirectory.zip Vuln: Blind SQL injection && CSRF Dork: intext:Power...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2013/01/28 12:0 a.m.10863 views

PHP weby directory software 1.2 - Multiple Vulnerabilities

=========================================== Vulnerable Software: PHP Weby directory software version 1.2 Vendor: http://phpweby.com Download: htp://phpweby.com/down/phpwebydirectory.zip Vuln: Blind SQL injection && CSRF Dork: intext:Powered by PHP weby software...

7.4AI score
Exploits0
Rows per page
Query Builder