7660 matches found
Microsoft Info - Filter Bypass & Persistent Vulnerability
Document Title: =============== Microsoft Info - Filter Bypass & Persistent Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2023 MSRC ID: TRK:0901002416 Release Date: ============= 2017-09-06 Vulnerability Laboratory ID VL-ID:...
Mobile Bootloaders From Top Manufacturers Found Vulnerable to Persistent Threats
Security researchers have discovered several severe zero-day vulnerabilities in the mobile bootloaders from at least four popular device manufacturers that could allow an attacker to gain persistent root access on the device. A team of nine security researchers from the University of California...
Telekom Prepaid Shop - Multiple Persistent Vulnerabilities
Document Title: =============== Telekom Prepaid Shop - Multiple Persistent Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2051 Telekom Security ID: 20170407TLu04 Release Date: ============= 2017-09-05 Vulnerability Laboratory ID VL-ID:...
Microsoft Info - Filter Bypass & Persistent Vulnerability
Document Title: =============== Microsoft Info - Filter Bypass & Persistent Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2023 MSRC ID: TRK:0901002416 Release Date: ============= 2017-09-05 Vulnerability Laboratory ID VL-ID:...
CodeMeter 6.50 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Document Title: =============== Wibu Systems AG CodeMeter 6.50 - Persistent XSS Vulnerability References Source: ==================== http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-13754 CVE-ID: ======= CVE-2017-13754 Current Estimat...
Wibu Systems AG CodeMeter 6.50 Cross Site Scripting
Document Title: =============== Wibu Systems AG CodeMeter 6.50 - Persistent XSS Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2074 ID: FB49498 Acknowledgements: https://www.flickr.com/photos/vulnerabilitylab/36912680045/...
WordPress WpJobBoard 4.5.1 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications Document Title: =============== WpJobBoard v4.5.1 - Multiple Cross Site Web Vulnerabilities Vulnerability Class: ==================== Cross Site Scripting - Non Persistent Current Estimated Price: ======================== 500€ - 1.000€ Produ...
DEBIAN-CVE-2017-12873
SimpleSAMLphp 1.7.0 through 1.14.10 might allow attackers to obtain sensitive information, gain unauthorized access, or have unspecified other impacts by leveraging incorrect persistent NameID generation when an Identity Provider (IdP) is misconfigured...
Session Hijacking Bug Exposed GitLab Users Private Tokens
GitLab, the popular web-based Git repository manager, fixed a vulnerability recently that could have exposed its users to session hijacking attacks. Daniel Svartman, a security researcher with Imperva, discovered the issue in May but couldn’t disclose it until Wednesday, after GitLab was able to...
CVE-2017-13671
app/View/Helper/CommandHelper.php in MISP before 2.4.79 has persistent XSS via comments. It only impacts the users of the same instance because the comment field is not part of the MISP synchronisation...
Design/Logic Flaw
app/View/Helper/CommandHelper.php in MISP before 2.4.79 has persistent XSS via comments. It only impacts the users of the same instance because the comment field is not part of the MISP synchronisation...
CVE-2017-13671
CVE-2017-13671 affects the MISP application prior to version 2.4.79, in the file app/View/Helper/CommandHelper.php. The vulnerability is a persistent cross-site scripting (XSS) flaw via the comments field. The impact is limited to users on the same instance because the comment field is not inclu...
Backdrop CMS 1.7.1 Cross Site Scripting Vulnerability
Backdrop CMS versions 1.7.1 and below suffer from a persistent cross site scripting vulnerability. I. VULNERABILITY ------------------------- Backdrop CMS Content types - Add content type And post: POST /backdrop/admin/structure/types/add HTTP/1.1 Host: 127.0.0.1 User-Agent: Mozilla/5.0 Windows N...
Targeted Attack Landscape: A Continuing Threat
When planning the cyber defenses of an organization, it's important to factor in the total threat landscape - including continuing threats as well as emerging security issues. In this way, organizations can create a more holistic data protection posture. While not seen in many headlines currently...
Apache2Triad 1.5.4 CSRF / XSS / Session Fixation
Credits: John Page AKA hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/APACHE2TRIAD-SERVER-STACK-v1.5.4-MULTIPLE-CVE.txt + ISR: ApparitionSec Vendor: =============== apache2triad.net https://sourceforge.net/projects/apache2triad/ Product:...
Apache2Triad 1.5.4 - Multiple Vulnerabilities
Exploit for php platform in category web applications + Credits: John Page AKA hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/APACHE2TRIAD-SERVER-STACK-v1.5.4-MULTIPLE-CVE.txt + ISR: ApparitionSec Vendor: =============== apache2triad.net...
Apache2Triad 1.5.4 - Multiple Vulnerabilities
Apache2Triad 1.5.4 - Multiple Vulnerabilities + Credits: John Page AKA hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/APACHE2TRIAD-SERVER-STACK-v1.5.4-MULTIPLE-CVE.txt + ISR: ApparitionSec Vendor: =============== apache2triad.net...
WpJobBoard v4.5.1 - Multiple Cross Site Web Vulnerabilities
Document Title: =============== WpJobBoard v4.5.1 - Multiple Cross Site Web Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=1941 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15375 CVE-ID: ======= CVE-2017-15375 Release Date:...