Lucene search
K

412 matches found

OSV
OSV
added 2019/05/07 6:29 p.m.14 views

CVE-2019-11629

Sonatype Nexus Repository Manager 2.x before 2.14.13 allows XSS...

6.1CVSS7.1AI score0.00743EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/05/07 5:23 p.m.25 views

CVE-2019-11629

Sonatype Nexus Repository Manager 2.x before 2.14.13 allows XSS...

6.3AI score0.00743EPSS
Exploits0References1
CVE
CVE
added 2019/05/07 5:23 p.m.44 views

CVE-2019-11629

CVE-2019-11629 concerns Nexus Repository Manager 2.x prior to 2.14.13, where a cross-site scripting (XSS) vulnerability exists in the web application. Description in the provided documents states that the vulnerability allows XSS but does not detail specific affected components beyond the product...

6.1CVSS6.2AI score0.00743EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2019/05/06 12:0 a.m.2 views

Sonatype Nexus Repository Manager Cross-Site Scripting Vulnerability (CNVD-2019-13256)

Sonatype Nexus Repository Manager NXRM is a Maven repository manager from Sonatype USA. A cross-site scripting vulnerability exists in Sonatype NXRM, which stems from a WEB application that fails to properly validate client-side data and can be exploited by an attacker to execute client-side code...

6.1CVSS6.4AI score0.00743EPSS
Exploits0References1
Hacker One
Hacker One
added 2019/04/17 3:48 a.m.1241 views

TomTom: Anonymous user login to Nexus Repository Manager

Hello, By default the Nexus Repository Manager has two login users one is admin and the other is anonymous. The default password for the user "admin" is admin123 The default password for the user "anonymous" is anonymous On your Nexus Repository Manager the password for the user admin has been...

7.3AI score
Exploits0
Veracode
Veracode
added 2019/03/22 3:17 a.m.32 views

Insecure Access Controls

Sonatype Nexus Repository Manager is use an insecure access controls. An unauthenticated user can craft requests in a way that can allow execution of arbitrary code and programs on the host system...

9.8CVSS9.5AI score0.76526EPSS
Exploits4References1Affected Software1
OSV
OSV
added 2019/03/21 5:29 p.m.1 views

CVE-2019-7238

Sonatype Nexus Repository Manager before 3.15.0 has Incorrect Access Control...

9.8CVSS7AI score0.76526EPSS
Exploits4References2
NVD
NVD
added 2019/03/21 5:29 p.m.24 views

CVE-2019-7238

Sonatype Nexus Repository Manager before 3.15.0 has Incorrect Access Control...

9.8CVSS9.6AI score0.76526EPSS
Exploits4References2
Prion
Prion
added 2019/03/21 5:29 p.m.16 views

Improper access control

Sonatype Nexus Repository Manager before 3.15.0 has Incorrect Access Control...

7.5CVSS9.4AI score0.76526EPSS
Exploits4References1Affected Software1
Cvelist
Cvelist
added 2019/03/21 4:45 p.m.23 views

CVE-2019-7238

Sonatype Nexus Repository Manager before 3.15.0 has Incorrect Access Control...

9.6AI score0.76526EPSS
Exploits4References1
Veracode
Veracode
added 2019/03/12 2:7 a.m.19 views

Cross-Site Scripting (XSS)

nexus-repository is vulnerable to cross-site scripting XSS. A lack of input validation and output sanitization allows a remote attacker to inject arbitrary Javascript into victim's browser through multiple parameters...

4.8CVSS5.3AI score0.01338EPSS
Exploits0References4Affected Software1
myhack58
myhack58
added 2019/03/12 12:0 a.m.259 views

Nexus Repository Manager 3 new vulnerability has been used in mining Trojan spread, users are advised to fix as soon as possible-vulnerability warning-the black bar safety net

Recently, Ali cloud security monitoring to watchbog mining Trojan use the new exposure of the Nexus Repository Manager 3 remote code execution vulnerabilityCVE-2019-7238for attack and mining the events. It is worth noting that this attack Start Time 2 on 24th and 2 on 5 May above products, the...

9CVSS9AI score0.87544EPSS
Exploits14
CNVD
CNVD
added 2018/11/16 12:0 a.m.3 views

Sonatype Nexus Repository Manager Java Code Execution Vulnerability

Sonatype Nexus Repository Manager aka NXRM is a maven repository manager. A security vulnerability exists in Sonatype NXRM versions prior to 3.14. An attacker can exploit the vulnerability to execute code on the server...

7.2CVSS7.9AI score0.0175EPSS
Exploits2References1
CNVD
CNVD
added 2018/11/16 12:0 a.m.2 views

Sonatype Nexus Repository Manager Improper Access Control Vulnerability

Sonatype Nexus Repository Manager aka NXRM is a maven repository manager. A security vulnerability exists in Sonatype NXRM versions prior to 3.14, which is caused by the program failing to enforce proper access control. The vulnerability can be exploited to gain access to other hosts and open por...

7.5CVSS7.6AI score0.01124EPSS
Exploits0References1
CNVD
CNVD
added 2018/11/16 12:0 a.m.2 views

Sonatype Nexus Repository Manager Cross-Site Scripting Vulnerability (CNVD-2019-07005)

Sonatype Nexus Repository Manager aka NXRM is a maven repository manager. A cross-site scripting vulnerability exists in Sonatype NXRM versions prior to 3.14. A remote attacker can exploit this vulnerability to execute arbitrary JavaScript code in a user's browser...

6.1CVSS6.3AI score0.00691EPSS
Exploits0References1
NVD
NVD
added 2018/11/15 8:29 p.m.13 views

CVE-2018-16619

Sonatype Nexus Repository Manager before 3.14 allows XSS...

6.1CVSS6.3AI score0.00691EPSS
Exploits0References1
OSV
OSV
added 2018/11/15 8:29 p.m.31 views

CVE-2018-16621

Sonatype Nexus Repository Manager before 3.14 allows Java Expression Language Injection...

7.2CVSS6.9AI score0.0175EPSS
Exploits2References2
Prion
Prion
added 2018/11/15 8:29 p.m.10 views

Cross site scripting

Sonatype Nexus Repository Manager before 3.14 allows XSS...

4.3CVSS6.3AI score0.00691EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2018/11/15 8:29 p.m.18 views

Design/Logic Flaw

Sonatype Nexus Repository Manager before 3.14 has Incorrect Access Control...

5CVSS7.6AI score0.01124EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2018/11/15 8:29 p.m.45 views

CVE-2018-16621

Sonatype Nexus Repository Manager before 3.14 allows Java Expression Language Injection...

7.2CVSS7AI score0.0175EPSS
Exploits2References2
Rows per page
Query Builder