Lucene search
+L

259 matches found

NVD
NVD
added 2019/09/17 3:15 p.m.23 views

CVE-2019-11559

A reflected Cross-site scripting XSS vulnerability in HRworks V 1.16.1 allows remote attackers to inject arbitrary web script or HTML via the URL parameter to the Login component...

6.1CVSS6.1AI score0.01106EPSS
Exploits1References2
Prion
Prion
added 2019/09/17 3:15 p.m.22 views

Cross site scripting

A reflected Cross-site scripting XSS vulnerability in HRworks V 1.16.1 allows remote attackers to inject arbitrary web script or HTML via the URL parameter to the Login component...

4.3CVSS6AI score0.01106EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2019/09/17 2:44 p.m.25 views

CVE-2019-11559

A reflected Cross-site scripting XSS vulnerability in HRworks V 1.16.1 allows remote attackers to inject arbitrary web script or HTML via the URL parameter to the Login component...

6.1AI score0.01106EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2019/09/17 12:0 a.m.5 views

PT-2019-12379 · Hrworks · Hrworks

Name of the Vulnerable Software and Affected Versions: HRworks version 1.16.1 Description: A reflected Cross-site scripting XSS issue allows remote attackers to inject arbitrary web script or HTML via the URL parameter to the Login component. This can be achieved by manipulating the URL to includ...

6.1CVSS6.4AI score0.01106EPSS
Exploits1References3
Prion
Prion
added 2019/06/10 8:29 p.m.20 views

Design/Logic Flaw

A vulnerability exists in Rancher 2.1.4 in the login component, where the errorMsg parameter can be tampered to display arbitrary content, filtering tags but not special characters or symbols. There's no other limitation of the message, allowing malicious users to lure legitimate users to visit...

4.3CVSS4.8AI score0.02263EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2019/06/10 7:35 p.m.31 views

CVE-2019-11881

A vulnerability exists in Rancher before 2.2.4 in the login component, where the errorMsg parameter can be tampered to display arbitrary content, filtering tags but not special characters or symbols. There's no other limitation of the message, allowing malicious users to lure legitimate users to...

5.1AI score0.02263EPSS
Exploits1References4
CVE
CVE
added 2019/06/10 7:35 p.m.80 views

CVE-2019-11881

Summary: CVE-2019-11881 affects Rancher server versions prior to 2.2.4, in the login component. The vulnerability arises from tampering with the “errorMsg” parameter, which can display arbitrary content after filtering tags but not special characters, enabling attackers to lure users to phishing ...

4.7CVSS4.6AI score0.02263EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2019/06/10 12:0 a.m.7 views

PT-2019-12541 · Rancher · Rancher

Name of the Vulnerable Software and Affected Versions: Rancher versions prior to 2.2.4 Rancher version 2.1.4 Description: A vulnerability exists in the login component of Rancher, where the errorMsg parameter can be tampered to display arbitrary content. Although tags are filtered, special...

4.7CVSS6AI score0.02263EPSS
Exploits1References12
OSV
OSV
added 2018/01/18 2:29 a.m.6 views

CVE-2018-2613

Vulnerability in the Oracle Argus Safety component of Oracle Health Sciences Applications subcomponent: Login. Supported versions that are affected are 7.x, 8.0.x and 8.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Argus...

8.2CVSS5.8AI score0.01198EPSS
Exploits0References2
CNVD
CNVD
added 2018/01/17 12:0 a.m.8 views

Unspecified Vulnerability in Oracle E-Business Suite (CNVD-2018-02401)

Oracle E-Business Suite is based on the original Application ERP expansion, including ERP Enterprise Resource Planning, HR Human Resource Management, CRM Customer Relationship Management, and so on a variety of management software collection, is a seamless integration of a management suite. An...

5.8CVSS6.7AI score0.01124EPSS
Exploits0References1
CNVD
CNVD
added 2018/01/17 12:0 a.m.6 views

Unspecified Vulnerability in Oracle Argus Safety

Oracle Argus Safety is a complete pharmacovigilance software system designed to address the pharmaceutical industry's toughest regulatory challenges. An unspecified vulnerability exists in the Login component of Oracle Argus Safety. An attacker could exploit the vulnerability to compromise...

8.2CVSS6.7AI score0.01198EPSS
Exploits0References1
OSV
OSV
added 2016/04/21 10:59 a.m.4 views

CVE-2016-0699

Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 12.0.2 and 12.0.3 allows remote attackers to affect confidentiality and integrity via vectors related to the Login sub-component...

9.1CVSS7.3AI score0.02775EPSS
Exploits0References2
CNVD
CNVD
added 2015/01/22 12:0 a.m.5 views

Oracle iLearning has an unspecified vulnerability (CNVD-2015-00579)

Oracle iLearning is an enterprise-class learning management system Learning Management System, LMS, and is one of the core components of Oracle's E-Business Suite. A security vulnerability exists in the Oracle iLearning login component that could be exploited by remote attackers to compromise...

4.3CVSS6.9AI score0.01273EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2013/11/15 6:54 a.m.6 views

ASP.NET vulnerable to open redirect

Overview ASP.NET provided by Microsoft contains an open redirect vulnerability due to an issue in the login component. ASP.NET provided by Microsoft contains an open redirect vulnerability due to an issue in the login component. Therefore a web application that implements ASP.NET may be vulnerabl...

6.8CVSS6.6AI score0.24138EPSS
Exploits1References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2013/11/15 12:0 a.m.56 views

JVN#71256611: ASP.NET vulnerable to open redirect

ASP.NET provided by Microsoft contains an open redirect vulnerability due to an issue in the login component. Therefore a web application that implements ASP.NET may be vulnerable. Impact The user who accesses the web application that implements ASP.NET may be redirected to an arbitrary website. ...

6.8CVSS6AI score0.24138EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2013/04/11 12:0 a.m.17 views

Quest Defender Desktop Login Component Unspecified Vulnerability

The version of Quest Defender Desktop Login Component installed on the remote Windows host is prior to 5.7.0.4278. It is, therefore, potentially affected by an unspecified security vulnerability according to Quest knowledge base article SOL104608. C Tenable Network Security, Inc...

5.5AI score
Exploits0References1
NVD
NVD
added 2011/07/07 7:55 p.m.14 views

CVE-2011-2682

The Login component in IBM Rational DOORS Web Access 1.4.x before 1.4.0.4 allows remote authenticated users to cause a denial of service license consumption by trying to login to DOORS Web Access with a new user account that has never been used for a DOORS login...

4CVSS6.1AI score0.01174EPSS
Exploits1References4
NVD
NVD
added 2008/03/20 12:44 a.m.24 views

CVE-2007-4592

Multiple cross-site scripting XSS vulnerabilities in the web interface for IBM Rational ClearQuest before 2003.06.16 Patch 2008A, 7.0.0.2iFix01, and 7.0.1.1iFix01 allow remote attackers to inject arbitrary web script or HTML via the 1 contextid, 2 username, 3 userNameVal, and 4 schema parameters ...

4.3CVSS5.6AI score0.04495EPSS
Exploits2References7
Positive Technologies
Positive Technologies
added 2007/01/16 12:0 a.m.7 views

PT-2007-1215 · Portix · Portix-Php

Name of the Vulnerable Software and Affected Versions: Portix-PHP version 0.4.2 Description: The issue allows remote attackers to execute arbitrary SQL commands via the username and passwd fields in the login component. Recommendations: For Portix-PHP version 0.4.2, update to a version that fixes...

7.5CVSS8.4AI score0.01096EPSS
Exploits0References6
Rows per page
Query Builder