7657 matches found

Exploit DB
added 2017/01/04 12:0 a.m. | 89 views

Atlassian Confluence < 5.10.6 - Persistent Cross-Site Scripting

===== Tempest Security Intelligence - ADV-3/2016 CVE-2016-6283 ============== Persisted Cross-Site Scripting XSS in Confluence Jira Software ---------------------------------------------------------------- Authors: - Jodson Santos - [email protected] Tempest Security Intelligence -...

CVSS 6.1 | AI score 6.5 | EPSS 0.03826
Exploits: 3

Veracode
added 2017/01/03 6:14 a.m. | 14 views

Persistent Cross-site Scripting (XSS)

Products.PortalTransforms is vulnerable to a persistent cross-site scripting (XSS) attack. It allows an attacker to use markup that bypasses Plone's safehtml filter to insert and save arbitrary HTML with malicious content...

CVSS 3.5 | AI score 5.3 | EPSS 0.01257
Exploits: 0 | References: 9 | Affected Software: 1

Vulnerability Lab
added 2016/12/19 12:0 a.m. | 42 views

Docebo LMS v6.9 - (Clone Links) Persistent Vulnerability

Document Title: =============== Docebo LMS v6.9 - Clone Links Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1878 Release Date: ============= 2016-12-19 Vulnerability Laboratory ID VL-ID: ==================================== 187...

AI score 7.4
Exploits: 0

Vulnerability Lab
added 2016/12/19 12:0 a.m. | 78 views

Docebo LMS v6.9 - (Clone Links) Persistent Vulnerability

Document Title: =============== Docebo LMS v6.9 - Clone Links Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1878 Release Date: ============= 2016-12-19 Vulnerability Laboratory ID VL-ID: ==================================== 187...

AI score 7.1
Exploits: 0

OSV
added 2016/12/15 6:59 a.m. | 3 views

CVE-2016-3173

An issue was discovered in Open-Xchange OX AppSuite before 7.8.0-rev27. The aria-label parameter of tiles at the Portal can be used to inject script code. Those labels use the name of the file e.g. an image which gets displayed at the portal application. Using script code at the file name leads t...

CVSS 5.4 | AI score 5.9
Exploits: 0 | References: 2

Prion
added 2016/12/14 12:59 a.m. | 13 views

Cross site scripting

A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) Switches could allow an unauthenticated, remote attacker to conduct a persistent cross-site scripting (XSS) attack against a user of the affected interface on an affected device. More Information: CSCvb37346...

CVSS 4.3 | AI score 6 | EPSS 0.0128
Exploits: 0 | References: 3 | Affected Software: 1

Friends Of PHP
added 2016/12/12 12:13 p.m. | 25 views

Incorrect persistent NameID generation

More info at https://simplesamlphp.org/security/201612-04...

CVSS 9.8 | AI score 7.2 | EPSS 0.01656
Exploits: 0 | Affected Software: 1

OSV
added 2016/12/11 2:59 a.m. | 4 views

CVE-2016-6622

An issue was discovered in phpMyAdmin. An unauthenticated user is able to execute a denial-of-service (DoS) attack by forcing persistent connections when phpMyAdmin is running with $cfg['AllowArbitraryServer']=true. All 4.6.x versions prior to 4.6.4, 4.4.x versions prior to 4.4.15.8, and 4.0.x versio...

CVSS 5.9 | AI score 7.6
Exploits: 0 | References: 4

OSV
added 2016/12/11 2:59 a.m. | 3 views

DEBIAN-CVE-2016-6622

An issue was discovered in phpMyAdmin. An unauthenticated user is able to execute a denial-of-service (DoS) attack by forcing persistent connections when phpMyAdmin is running with $cfg['AllowArbitraryServer']=true. All 4.6.x versions prior to 4.6.4, 4.4.x versions prior to 4.4.15.8, and 4.0.x versio...

CVSS 5.9 | AI score 9.3 | EPSS 0.01799
Exploits: 0 | References: 1

OSV
added 2016/12/11 2:59 a.m. | 5 views

ALPINE-CVE-2016-6622

An issue was discovered in phpMyAdmin. An unauthenticated user is able to execute a denial-of-service (DoS) attack by forcing persistent connections when phpMyAdmin is running with $cfg['AllowArbitraryServer']=true. All 4.6.x versions prior to 4.6.4, 4.4.x versions prior to 4.4.15.8, and 4.0.x versio...

CVSS 5.9 | AI score 7.2 | EPSS 0.01799
Exploits: 0 | References: 1

Prion
added 2016/12/11 2:59 a.m. | 16 views

Design/Logic Flaw

An issue was discovered in phpMyAdmin. An unauthenticated user is able to execute a denial-of-service (DoS) attack by forcing persistent connections when phpMyAdmin is running with $cfg['AllowArbitraryServer']=true. All 4.6.x versions prior to 4.6.4, 4.4.x versions prior to 4.4.15.8, and 4.0.x versio...

CVSS 4.3 | AI score 7.1 | EPSS 0.01799
Exploits: 0 | References: 4 | Affected Software: 1

OSV
added 2016/12/11 2:59 a.m. | 4 views

UBUNTU-CVE-2016-6622

An issue was discovered in phpMyAdmin. An unauthenticated user is able to execute a denial-of-service (DoS) attack by forcing persistent connections when phpMyAdmin is running with $cfg['AllowArbitraryServer']=true. All 4.6.x versions prior to 4.6.4, 4.4.x versions prior to 4.4.15.8, and 4.0.x versio...

CVSS 5.9 | AI score 7 | EPSS 0.01799
Exploits: 0 | References: 3

AlpineLinux
added 2016/12/11 2:0 a.m. | 47 views

CVE-2016-6622

An issue was discovered in phpMyAdmin. An unauthenticated user is able to execute a denial-of-service (DoS) attack by forcing persistent connections when phpMyAdmin is running with $cfg['AllowArbitraryServer']=true. All 4.6.x versions prior to 4.6.4, 4.4.x versions prior to 4.4.15.8, and 4.0.x versio...

CVSS 5.9 | AI score 7.7 | EPSS 0.01799
Exploits: 0

Debian CVE
added 2016/12/11 2:0 a.m. | 29 views

CVE-2016-6622

An issue was discovered in phpMyAdmin. An unauthenticated user is able to execute a denial-of-service (DoS) attack by forcing persistent connections when phpMyAdmin is running with $cfg['AllowArbitraryServer']=true. All 4.6.x versions prior to 4.6.4, 4.4.x versions prior to 4.4.15.8, and 4.0.x versio...

CVSS 5.9 | AI score 7.7 | EPSS 0.01799
Exploits: 0

Hacker One
added 2016/12/06 11:19 p.m. | 49 views

Starbucks: Persistent XSS in www.starbucks.com

There is a persistent XSS in https://www.starbucks.com/coffee/espresso/latte-macchiato It is caused by loading scripts from: //starbucksmacchiato-prod.elasticbeanstalk.com/scripts/bn-v1.0.0-Release-min.js Note that starbucksmacchiato-prod.elasticbeanstalk.com is not registered on elastic beanstal...

AI score 0.9
Exploits: 0

ThreatPost
added 2016/12/05 1:52 p.m. | 18 views

New Large-Scale DDoS Attacks Follow Schedule

A powerful new botnet is being blamed for massive and sustained DDoS attacks that security researchers at CloudFlare compare to Mirai when it comes to intensity and scope. The attacks began Nov. 23 and ran for eight hours daily, similar to an average workday. The consistent attacks occurred for...

AI score 7.5
Exploits: 0 | References: 4

Hacker One
added 2016/12/03 3:44 a.m. | 18 views

U.S. Dept Of Defense: XSS vulnerability on an Army website

A U.S. Army website was vulnerable to a cross-site scripting attack which may be used to trick a web user into executing a malicious script, potentially revealing a user's browser cookies or modifying web content. spam404 was able to demonstrate this vulnerability by crafting a specially formatted...

AI score 3.5
Exploits: 0

Packet Storm
added 2016/11/28 12:0 a.m. | 49 views

Tenda / D-Link / TP-Link DHCP Cross Site Scripting

Document Title: =============== Tenda, Dlink & Tplink TD-W8961ND - DHCP XSS Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=1990 Release Date: ============= 2016-11-28 Vulnerability Laboratory ID VL-ID: ====================================...

AI score 7.4
Exploits: 0

Vulnerability Lab
added 2016/11/28 12:0 a.m. | 36 views

Tenda, Dlink & Tplink TD-W8961ND - DHCP XSS Vulnerability

Document Title: =============== Tenda, Dlink & Tplink TD-W8961ND - DHCP XSS Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=1990 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-20372...

CVSS 5.4 | AI score 5.5 | EPSS 0.0059
Exploits: 4

Vulnerability Lab
added 2016/11/26 12:0 a.m. | 45 views

Burden TMA v2.1.1 - (Task) Persistent Web Vulnerability

Document Title: =============== Burden TMA v2.1.1 - Task Persistent Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=1998 Release Date: ============= 2016-11-26 Vulnerability Laboratory ID VL-ID: ==================================== 199...

AI score 7.1
Exploits: 0