Lucene search
K

238 matches found

Prion
Prion
added 2014/07/20 11:12 a.m.12 views

Cross site scripting

Cross-site scripting XSS vulnerability in Nexa Meridian before 2014 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.1AI score0.01148EPSS
Exploits0References3
CVE
CVE
added 2014/07/20 10:0 a.m.46 views

CVE-2014-3892

CVE-2014-3892 concerns Meridian (Nexa Meridian) prior to 2014, vulnerable to Cross-site scripting (XSS) that allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. The issue affects Meridian software (market trading application) and can enable arbitrary script exe...

4.3CVSS5.8AI score0.01148EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2014/07/20 10:0 a.m.27 views

CVE-2014-3892

Cross-site scripting XSS vulnerability in Nexa Meridian before 2014 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.7AI score0.01148EPSS
Exploits0References3
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/07/18 4:47 a.m.2 views

Meridian vulnerable to cross-site scripting

Overview Meridian provided by Nexa Technologies is a software for market trading. Meridian contains a cross-site scripting vulnerability. Kazuyuki Matsuda reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An...

4.3CVSS6AI score0.01148EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/07/18 12:0 a.m.32 views

JVN#36028879: Meridian vulnerable to cross-site scripting

Meridian provided by Nexa Technologies is a software for market trading. Meridian contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version according to the information provided by...

4.3CVSS5.9AI score0.01148EPSS
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

AJ HYIP MERIDIAN (news.php id) Blind SQL Injection Vulnerability

No description provided by source. AJ HYIP MERIDIAN news.php id Blind SQL Injection Vulnerability bug found by Jose Luis Gongora Fernandez a.k.a JosS contact: sys-projectathotmail.com website: http://www.hack0wn.com/ - site: http://www.ajsquare.com/products/ajhyip/index.php - about AJ HYIP: AJ HY...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/02/24 12:0 a.m.21 views

Nortel Meridian Integrated RAN Default Admin Credentials

The remote device is a Nortel Meridian Integrated RAN MIRAN that uses a set of known, default credentials 'admin' / 'admin000'. Knowing these, an attacker able to connect to the service can gain complete control of the device. Nortel MIRAN is a system card that provides multi-tasking voice...

5.6AI score
Exploits0
NVD
NVD
added 2010/07/30 8:30 p.m.25 views

CVE-2010-2916

SQL injection vulnerability in news.php in AJ Square AJ HYIP MERIDIAN allows remote attackers to execute arbitrary SQL commands via the id parameter...

7.5CVSS8.4AI score0.00967EPSS
Exploits1References3
CVE
CVE
added 2010/07/30 8:0 p.m.53 views

CVE-2010-2916

CVE-2010-2916 affects the AJ Square AJ HYIP MERIDIAN system, specifically the news.php component. The vulnerability is a SQL injection in the parameter id , allowing remote attackers to execute arbitrary SQL commands. This is confirmed across multiple feeds (NVD entry and related records). The av...

7.5CVSS8.7AI score0.00967EPSS
Exploits1References3Affected Software1
Packet Storm
Packet Storm
added 2010/07/23 12:0 a.m.27 views

AJ HYIP MERIDIAN SQL Injection

AJ HYIP MERIDIAN news.php id Blind SQL Injection Vulnerability bug found by Jose Luis Gongora Fernandez a.k.a JosS contact: sys-projectathotmail.com website: http://www.hack0wn.com/ - site: http://www.ajsquare.com/products/ajhyip/index.php - about AJ HYIP: AJ HYIP is a complete financial tool wit...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2010/07/22 12:0 a.m.14 views

AJ HYIP MERIDIAN - news.php?id Blind SQL Injection

AJ HYIP MERIDIAN - news.php?id Blind SQL Injection AJ HYIP MERIDIAN news.php id Blind SQL Injection Vulnerability bug found by Jose Luis Gongora Fernandez a.k.a JosS contact: sys-projectathotmail.com website: http://www.hack0wn.com/ - site: http://www.ajsquare.com/products/ajhyip/index.php - abou...

0.3AI score
Exploits0
CERT
CERT
added 2007/12/17 12:0 a.m.56 views

Meridian Prolog Manager uses weak authentication to store and transmit user credentials

Overview Meridian Systems Prolog Manager does not use strong encryption and returns a list of all user credentials when authenticating clients. These behaviors could allow an attacker to obtain user credentials and decrypt passwords. Description Meridian Systems Prolog Manager is a set of...

10CVSS6.7AI score0.05075EPSS
Exploits0References5
Prion
Prion
added 2007/12/13 7:46 p.m.18 views

Code injection

Meridian Prolog Manager 2007, and 7.5 and earlier, sends all usernames and passwords to the client in a 1 cleartext or 2 weakly encrypted format to support client-side login authentication, which makes it easier for remote attackers to obtain database access by capturing credentials via a...

10CVSS7.1AI score0.05075EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2007/12/13 7:0 p.m.51 views

CVE-2007-6330

Meridian Prolog Manager 2007 and earlier versions (including 7.5 and prior) transmit all usernames and passwords to the client in cleartext or weakly encrypted form to support client-side authentication. This can enable an attacker to capture credentials via network sniffing or a man-in-the-middl...

10CVSS6.5AI score0.05075EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2007/12/13 7:0 p.m.22 views

CVE-2007-6330

Meridian Prolog Manager 2007, and 7.5 and earlier, sends all usernames and passwords to the client in a 1 cleartext or 2 weakly encrypted format to support client-side login authentication, which makes it easier for remote attackers to obtain database access by capturing credentials via a...

6.5AI score0.05075EPSS
Exploits0References7
securityvulns
securityvulns
added 2007/12/13 12:0 a.m.24 views

Meridian Prolog Manager weak encryption

Weak username/password encryption...

2.8AI score
Exploits0References1
NVD
NVD
added 2007/05/30 1:30 a.m.16 views

CVE-2007-2886

Unspecified vulnerability in the Nortel CS 1000 M media card in Enterprise VoIP-Core-CS 1000E, 1000M, and 1000S 04.50W before 20070523 in Meridian/CS 1000 allows remote attackers to cause a denial of service card hang via unspecified vectors...

5CVSS6.6AI score0.01747EPSS
Exploits0References8
CVE
CVE
added 2007/04/02 11:0 p.m.55 views

CVE-2007-1820

CVE-2007-1820 affects Nortel Networks CallPilot and Meridian Mail voicemail systems when auto logon is enabled. A remote attacker can spoof Caller ID (CNID) to access, retrieve, or delete messages and reconfigure the mailbox. The vulnerability is documented with a high-severity CVSS v2 score (9.3...

9.3CVSS6.7AI score0.02002EPSS
Exploits0References3Affected Software2
Rows per page
Query Builder