CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

559 matches found

Exploit DB•added 2009/01/08 12:0 a.m.•31 views

Openfire 3.6.2 - 'group-summary.jsp' Cross-Site Scripting

source: https://www.securityfocus.com/bid/32937/info Openfire is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

7.4AI score

Exploits0

Exploit DB•added 2009/01/08 12:0 a.m.•21 views

Openfire 3.6.2 - 'user-properties.jsp' Cross-Site Scripting

source: https://www.securityfocus.com/bid/32938/info Openfire is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

7.4AI score

Exploits0

Exploit DB•added 2009/01/08 12:0 a.m.•19 views

Openfire 3.6.2 - 'log.jsp' Cross-Site Scripting

source: https://www.securityfocus.com/bid/32940/info Openfire is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

7AI score

Exploits0

Exploit DB•added 2009/01/08 12:0 a.m.•25 views

Openfire 3.6.2 - 'log.jsp' Directory Traversal

source: https://www.securityfocus.com/bid/32945/info Openfire is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting the issue may allow an attacker to obtain sensitive information that could aid in further attacks. Openfire...

7.4AI score

Exploits0

exploitpack•added 2009/01/08 12:0 a.m.•15 views

Openfire 3.6.2 - log.jsp Directory Traversal

Openfire 3.6.2 - log.jsp Directory Traversal source: https://www.securityfocus.com/bid/32945/info Openfire is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting the issue may allow an attacker to obtain sensitive information...

7.4AI score

Exploits0

exploitpack•added 2009/01/08 12:0 a.m.•9 views

Openfire 3.6.2 - log.jsp Cross-Site Scripting

Openfire 3.6.2 - log.jsp Cross-Site Scripting source: https://www.securityfocus.com/bid/32940/info Openfire is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in...

6.8AI score

Exploits0

exploitpack•added 2009/01/08 12:0 a.m.•9 views

Openfire 3.6.2 - user-properties.jsp Cross-Site Scripting

Openfire 3.6.2 - user-properties.jsp Cross-Site Scripting source: https://www.securityfocus.com/bid/32938/info Openfire is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary...

6.8AI score

Exploits0

exploitpack•added 2009/01/08 12:0 a.m.•24 views

Openfire 3.6.2 - group-summary.jsp Cross-Site Scripting

Openfire 3.6.2 - group-summary.jsp Cross-Site Scripting...

0.9AI score

Exploits0

Core Security•added 2009/01/08 12:0 a.m.•70 views

Openfire multiple vulnerabilities

Openfire multiple vulnerabilities 1. Advisory Information Title: Openfire multiple vulnerabilities Advisory ID: CORE-2008-1128 Advisory URL: Date published: 2009-01-08 Date of last update: 2009-01-07 Vendors contacted: Jive Software Release mode: Coordinated release 2. Vulnerability Information...

7.7AI score

Exploits0

OpenVAS•added 2008/12/02 12:0 a.m.•30 views

Openfire 'AuthCheck Filter' Security Bypass Vulnerability

Openfire is prone to a security bypass vulnerability. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

7.5CVSS8.5AI score0.83382EPSS

Exploits5References3

OpenVAS•added 2008/12/02 12:0 a.m.•38 views

Openfire 'AuthCheck Filter' Security Bypass Vulnerability

The host is running Openfire and is prone to security bypass vulnerability. OpenVAS Vulnerability Test $Id: secpodopenfiresecbypass900401.nasl 5347 2017-02-19 09:15:55Z cfi $ Description: Openfire 'AuthCheck' Filter Security Bypass Vulnerability Authors: Sujit Ghosal Copyright: Copyright C 2008...

7.5CVSS0.2AI score0.83382EPSS

Exploits5References3

OpenVAS•added 2008/11/24 12:0 a.m.•34 views

FreeBSD Ports: openfire

The remote host is missing an update to the system as announced in the referenced advisory. VID 937adf01-b64a-11dd-a55e-00163e000016 OpenVAS Vulnerability Test $ Description: Auto generated from VID 937adf01-b64a-11dd-a55e-00163e000016 Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

7.5CVSS6.8AI score0.83382EPSS

Exploits9

OpenVAS•added 2008/11/24 12:0 a.m.•18 views

FreeBSD Ports: openfire

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

7.5CVSS6.4AI score0.83382EPSS

Exploits9References4

Tenable Nessus•added 2008/11/21 12:0 a.m.•36 views

FreeBSD : openfire -- multiple vulnerabilities (937adf01-b64a-11dd-a55e-00163e000016)

Andreas Kurtz reports : The jabber server Openfire = version 3.6.0a contains several serious vulnerabilities. Depending on the particular runtime environment these issues can potentially even be used by an attacker to execute code on operating system level. - Authentication bypass - This...

7.5CVSS6.6AI score0.83382EPSS

Exploits9References10

seebug.org•added 2008/11/11 12:0 a.m.•47 views

Openfire Server <= 3.6.0a (Auth Bypass/SQL/XSS) Multiple Vulnerabilities

No description provided by source. Advisory: Openfire Server Multiple Vulnerabilities Advisory ID: AKADV2008-001 Release Date: 2008/11/07 Revision: 1.0 Last Modified: 2008/11/07 Date Reported: 2008/05/17 Author: Andreas Kurtz mail at andreas-kurtz.de Affected Software: Openfire Server = 3.6.0a...

7.1AI score

Exploits0

seebug.org•added 2008/11/11 12:0 a.m.•67 views

Openfire多个输入验证漏洞

BUGTRAQ ID: 32189 Openfire（原名为Wildfire）是一个采用Java开发的跨平台开源实时协作（RTC）服务器。 Openfire服务器中的多个安全漏洞可能允许攻击者在操作系统上执行任意代码，具体取决于特定的运行时环境。 1 绕过认证在对openfire管理接口的认证中，Tomcat应用服务器中的过滤器org.jivesoftware.admin.AuthCheckFilter确保仅有通过认证的用户才可以访问管理接口，否则将会被重新定向到登录页面。Openfire中的一个错误可能导致无需管理用户凭据便访问内部功能。...

6.9AI score

Exploits0

securityvulns•added 2008/11/10 12:0 a.m.•20 views

OpenFire jabber server multiple security vulnerabilities

Authentication bypass, SQL injection, crossite scripting...

1.9AI score

Exploits0References1Affected Software1

securityvulns•added 2008/11/10 12:0 a.m.•107 views

[AK-ADV2008-001] Openfire Jabber-Server: Multiple Vulnerabilities (Authentication Bypass, SQL injection, ...)

Please find attached a detailed advisory of the vulnerability. Alternatively, the advisory can also be found at: http://www.andreas-kurtz.de/advisories/AKADV2008-001-v1.0.txt Advisory: Openfire Server Multiple Vulnerabilities Advisory ID: AKADV2008-001 Release Date: 2008/11/07 Revision: 1.0 Last...

0.2AI score

Exploits0

seebug.org•added 2008/11/09 12:0 a.m.•16 views

Openfire Server <= 3.6.0a (Auth Bypass/SQL/XSS) Multiple Vulnerabilities

7.1AI score

Exploits0

exploitpack•added 2008/11/09 12:0 a.m.•20 views

Openfire Server 3.6.0a - Authentication Bypass SQL Injection Cross-Site Scripting

Openfire Server 3.6.0a - Authentication Bypass SQL Injection Cross-Site Scripting Advisory: Openfire Server Multiple Vulnerabilities Advisory ID: AKADV2008-001 Release Date: 2008/11/07 Revision: 1.0 Last Modified: 2008/11/07 Date Reported: 2008/05/17 Author: Andreas Kurtz mail at andreas-kurtz.de...

1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by