Lucene search
K

7660 matches found

Vulnerability Lab
Vulnerability Lab
added 2017/09/06 12:0 a.m.66 views

Microsoft Info - Filter Bypass & Persistent Vulnerability

Document Title: =============== Microsoft Info - Filter Bypass & Persistent Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2023 MSRC ID: TRK:0901002416 Release Date: ============= 2017-09-06 Vulnerability Laboratory ID VL-ID:...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2017/09/05 9:11 p.m.45 views

Mobile Bootloaders From Top Manufacturers Found Vulnerable to Persistent Threats

Security researchers have discovered several severe zero-day vulnerabilities in the mobile bootloaders from at least four popular device manufacturers that could allow an attacker to gain persistent root access on the device. A team of nine security researchers from the University of California...

7.1CVSS7.4AI score0.00365EPSS
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2017/09/05 12:0 a.m.42 views

Telekom Prepaid Shop - Multiple Persistent Vulnerabilities

Document Title: =============== Telekom Prepaid Shop - Multiple Persistent Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2051 Telekom Security ID: 20170407TLu04 Release Date: ============= 2017-09-05 Vulnerability Laboratory ID VL-ID:...

7.1AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2017/09/05 12:0 a.m.47 views

Microsoft Info - Filter Bypass & Persistent Vulnerability

Document Title: =============== Microsoft Info - Filter Bypass & Persistent Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2023 MSRC ID: TRK:0901002416 Release Date: ============= 2017-09-05 Vulnerability Laboratory ID VL-ID:...

7.4AI score
Exploits0
0day.today
0day.today
added 2017/09/04 12:0 a.m.94 views

CodeMeter 6.50 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Document Title: =============== Wibu Systems AG CodeMeter 6.50 - Persistent XSS Vulnerability References Source: ==================== http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-13754 CVE-ID: ======= CVE-2017-13754 Current Estimat...

3.5CVSS6.3AI score0.03877EPSS
Exploits7
Packet Storm
Packet Storm
added 2017/09/04 12:0 a.m.97 views

Wibu Systems AG CodeMeter 6.50 Cross Site Scripting

Document Title: =============== Wibu Systems AG CodeMeter 6.50 - Persistent XSS Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2074 ID: FB49498 Acknowledgements: https://www.flickr.com/photos/vulnerabilitylab/36912680045/...

5.9AI score0.03877EPSS
Exploits7
0day.today
0day.today
added 2017/09/04 12:0 a.m.29 views

WordPress WpJobBoard 4.5.1 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications Document Title: =============== WpJobBoard v4.5.1 - Multiple Cross Site Web Vulnerabilities Vulnerability Class: ==================== Cross Site Scripting - Non Persistent Current Estimated Price: ======================== 500a! - 1.000a! Produ...

7.1AI score
Exploits0
OSV
OSV
added 2017/09/01 9:29 p.m.1 views

DEBIAN-CVE-2017-12873

SimpleSAMLphp 1.7.0 through 1.14.10 might allow attackers to obtain sensitive information, gain unauthorized access, or have unspecified other impacts by leveraging incorrect persistent NameID generation when an Identity Provider IdP is misconfigured...

9.8CVSS9.6AI score0.01656EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2017/08/31 5:0 p.m.21 views

Session Hijacking Bug Exposed GitLab Users Private Tokens

GitLab, the popular web-based Git repository manager, fixed a vulnerability recently that could have exposed its users to session hijacking attacks. Daniel Svartman, a security researcher with Imperva, discovered the issue in May but couldn’t disclose it until Wednesday, after GitLab was able to...

6.9AI score
Exploits0References2
NVD
NVD
added 2017/08/24 7:29 p.m.14 views

CVE-2017-13671

app/View/Helper/CommandHelper.php in MISP before 2.4.79 has persistent XSS via comments. It only impacts the users of the same instance because the comment field is not part of the MISP synchronisation...

6.1CVSS6AI score0.00967EPSS
Exploits0References2
OSV
OSV
added 2017/08/24 7:29 p.m.16 views

CVE-2017-13671

app/View/Helper/CommandHelper.php in MISP before 2.4.79 has persistent XSS via comments. It only impacts the users of the same instance because the comment field is not part of the MISP synchronisation...

6.1CVSS5.8AI score
Exploits0References2
Prion
Prion
added 2017/08/24 7:29 p.m.18 views

Design/Logic Flaw

app/View/Helper/CommandHelper.php in MISP before 2.4.79 has persistent XSS via comments. It only impacts the users of the same instance because the comment field is not part of the MISP synchronisation...

4.3CVSS6AI score0.00967EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/08/24 7:0 p.m.22 views

CVE-2017-13671

app/View/Helper/CommandHelper.php in MISP before 2.4.79 has persistent XSS via comments. It only impacts the users of the same instance because the comment field is not part of the MISP synchronisation...

6AI score0.00967EPSS
Exploits0References2
CVE
CVE
added 2017/08/24 7:0 p.m.56 views

CVE-2017-13671

CVE-2017-13671 affects the MISP application prior to version 2.4.79, in the file app/View/Helper/CommandHelper.php . The vulnerability is a persistent cross-site scripting (XSS) flaw via the comments field. The impact is limited to users on the same instance because the comment field is not inclu...

6.1CVSS5.9AI score0.00967EPSS
Exploits0References2Affected Software1
0day.today
0day.today
added 2017/08/23 12:0 a.m.73 views

Backdrop CMS 1.7.1 Cross Site Scripting Vulnerability

Backdrop CMS versions 1.7.1 and below suffer from a persistent cross site scripting vulnerability. I. VULNERABILITY ------------------------- Backdrop CMS Content types - Add content type And post: POST /backdrop/admin/structure/types/add HTTP/1.1 Host: 127.0.0.1 User-Agent: Mozilla/5.0 Windows N...

6.7AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2017/08/22 8:53 p.m.43 views

Targeted Attack Landscape: A Continuing Threat

When planning the cyber defenses of an organization, it's important to factor in the total threat landscape - including continuing threats as well as emerging security issues. In this way, organizations can create a more holistic data protection posture. While not seen in many headlines currently...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2017/08/21 12:0 a.m.49 views

Apache2Triad 1.5.4 CSRF / XSS / Session Fixation

Credits: John Page AKA hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/APACHE2TRIAD-SERVER-STACK-v1.5.4-MULTIPLE-CVE.txt + ISR: ApparitionSec Vendor: =============== apache2triad.net https://sourceforge.net/projects/apache2triad/ Product:...

7.4AI score0.15668EPSS
Exploits7
0day.today
0day.today
added 2017/08/21 12:0 a.m.62 views

Apache2Triad 1.5.4 - Multiple Vulnerabilities

Exploit for php platform in category web applications + Credits: John Page AKA hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/APACHE2TRIAD-SERVER-STACK-v1.5.4-MULTIPLE-CVE.txt + ISR: ApparitionSec Vendor: =============== apache2triad.net...

7.5CVSS7.4AI score0.15668EPSS
Exploits7
exploitpack
exploitpack
added 2017/08/21 12:0 a.m.34 views

Apache2Triad 1.5.4 - Multiple Vulnerabilities

Apache2Triad 1.5.4 - Multiple Vulnerabilities + Credits: John Page AKA hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/APACHE2TRIAD-SERVER-STACK-v1.5.4-MULTIPLE-CVE.txt + ISR: ApparitionSec Vendor: =============== apache2triad.net...

7.5CVSS0.15668EPSS
Exploits7
Vulnerability Lab
Vulnerability Lab
added 2017/08/18 12:0 a.m.58 views

WpJobBoard v4.5.1 - Multiple Cross Site Web Vulnerabilities

Document Title: =============== WpJobBoard v4.5.1 - Multiple Cross Site Web Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=1941 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15375 CVE-ID: ======= CVE-2017-15375 Release Date:...

4.3CVSS6.5AI score0.00901EPSS
Exploits3
Rows per page
Query Builder