CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Packet Storm•added 2014/01/06 12:0 a.m.•29 views

Seagate BlackArmor NAS sg2000-2000.1331 Cross Site Scripting

Exploit Title: Seagate BlackArmor NAS - Multiple Persistent Cross Site Scripting Vulnerabilities Google Dork: N/A Date: 04-01-2014 Exploit Author: Jeroen - IT Nerdbox Vendor Homepage: http://www.seagate.com/ Software Link: http://www.seagate.com/support/downloads/item/banas-220-firmware-master-dl...

seebug.org•added 2014/01/06 12:0 a.m.•17 views

Seagate BlackArmor NAS sg2000-2000.1331跨站脚本漏洞

No description provided by source. Exploit Title: Seagate BlackArmor NAS - Multiple Persistent Cross Site Scripting Vulnerabilities Google Dork: N/A Date: 04-01-2014 Exploit Author: Jeroen - IT Nerdbox Vendor Homepage: http://www.seagate.com/ http://www.seagate.com/ Software Link:...

exploitpack•added 2014/01/06 12:0 a.m.•16 views

Seagate BlackArmor NAS sg2000-2000.1331 - Multiple Persistent Cross-Site Scripting Vulnerabilities

Seagate BlackArmor NAS sg2000-2000.1331 - Multiple Persistent Cross-Site Scripting Vulnerabilities Exploit Title: Seagate BlackArmor NAS - Multiple Persistent Cross Site Scripting Vulnerabilities Google Dork: N/A Date: 04-01-2014 Exploit Author: Jeroen - IT Nerdbox Vendor Homepage:...

4.3CVSS9.1AI score0.03217EPSS

Exploit DB•added 2014/01/06 12:0 a.m.•24 views

Seagate BlackArmor NAS sg2000-2000.1331 - Multiple Persistent Cross-Site Scripting Vulnerabilities

0day.today•added 2014/01/06 12:0 a.m.•35 views

Seagate BlackArmor NAS sg2000-2000.1331 - Multiple Persistent Cross Site Scripting Vulnerabilities

Exploit for hardware platform in category web applications When adding a user to the device, it is possible to enter a full name. This input field does not sanitize its input and it is possible to enter any payload which will get executed upon reload. The workgroup configuration is also vulnerabl...

Packet Storm•added 2014/01/05 12:0 a.m.•24 views

WEBCrafted Cross Site Scripting

WEBCrafted Exploit Exploit By G4eL Exploit Title: WEBCrafted - Persistent XSS Google Dork: inurl:"/templates/webcrafted/" Date: 04/01/2014 Exploit Author: G4eL Software Link: http://www.bukkit.fr/index.php?/files/file/24-webcrafted-le-cms-minecraft/ Persistent XSS in users accounts Users...

7.4AI score

Packet Storm•added 2014/01/02 12:0 a.m.•34 views

Technicolor TC7200 Cross Site Scripting

Exploit Title: Technicolor TC7200 - Multiple XSS Vulnerabilities Google Dork: N/A Date: 02-01-2013 Exploit Author: Jeroen - IT Nerdbox Vendor Homepage: http://www.technicolor.com/en/solutions-services/connected-home/modems-gatew ays/cable-modems-gateways/tc7200-tc7300 Software Link: N/A Version:...

4.3CVSS6.6AI score0.01428EPSS

exploitpack•added 2013/12/21 12:0 a.m.•12 views

Cisco EPC3925 - Persistent Cross-Site Scripting

Cisco EPC3925 - Persistent Cross-Site Scripting Exploit Title: Cisco EPC3925 - Persistent Cross Site Scripting Google Dork: N/A Date: 12-11-2013 Exploit Author: Jeroen - IT Nerdbox Vendor Homepage: http://www.cisco.com Software Link: Not public Version: epc3925-E10-5-v302r125572-130520c Tested on...

6.8AI score

Exploit DB•added 2013/12/21 12:0 a.m.•39 views

Cisco EPC3925 - Persistent Cross-Site Scripting

Exploit Title: Cisco EPC3925 - Persistent Cross Site Scripting Google Dork: N/A Date: 12-11-2013 Exploit Author: Jeroen - IT Nerdbox Vendor Homepage: http://www.cisco.com Software Link: Not public Version: epc3925-E10-5-v302r125572-130520c Tested on: Cisco EPC3925 CVE: N/A Description The paramet...

7.4AI score

Packet Storm•added 2013/12/19 12:0 a.m.•38 views

Jenkins CI 1.523 Persistent Script Insertion

Advisory Information Title: Default markup formatter permits offsite-bound forms Date published : 2013-12-16 Date of last update: 2013-12-16 Vendors contacted : Jenkins CI v 1.523 Discovered by: Christian Catalano Severity: Low 02. Vulnerability Information CVE reference: CVE-2013-5573 CVSS v2...

4.3CVSS9.6AI score0.05406EPSS

Exploits5

exploitpack•added 2013/12/18 12:0 a.m.•36 views

Jenkins 1.523 - Persistent HTML Code

Jenkins 1.523 - Persistent HTML Code 01. Advisory Information Title: Default markup formatter permits offsite-bound forms Date published : 2013-12-16 Date of last update: 2013-12-16 Vendors contacted : Jenkins CI v 1.523 Discovered by: Christian Catalano Severity: Low 02. Vulnerability Informatio...

4.3CVSS9.6AI score0.05406EPSS

Exploits5

Exploit DB•added 2013/12/18 12:0 a.m.•47 views

Jenkins 1.523 - Persistent HTML Code

4.3CVSS7AI score0.05406EPSS

Exploits5

RedHat Linux•added 2013/12/17 6:28 p.m.•1 views

cumin: non-persistent XSS possible due to not escaping set limit form input

Cross-site scripting XSS vulnerability in the web interface for cumin in Red Hat Enterprise MRG Grid 2.4 allows remote attackers to inject arbitrary web script or HTML via the "Max allowance" field in the "Set limit" form...

4.3CVSS5.9AI score0.01795EPSS

Exploits0References4

The Hacker News•added 2013/12/17 4:31 a.m.•8 views

Russian hackers stole Personal details of 54 million Turkish Citizens

The Publicized Hacks, Cyber attacks and Data breaches continue to increase, and the majority of attacks are from outsiders. Recently, Some unknown Russian hackers have reportedly stolen Personal details of nearly 54 million Turkish citizens, about 70% of the whole Turkish population. According to...

6.5AI score

exploitpack•added 2013/12/17 12:0 a.m.•45 views

Ditto Forensic FieldStation 2013Oct15a - Multiple Vulnerabilities

Ditto Forensic FieldStation 2013Oct15a - Multiple Vulnerabilities Title: Ditto Forensic FieldStation, multiple vulnerabilities Versions affected: = 2013Oct15a all Vendor: CRU Wiebetech Discovered by: Martin Wundram Email: [email protected] Date found: 2013-04-22 Date published: 2013-12-12...

10CVSS1.1AI score0.12607EPSS

Exploits8

exploitpack•added 2013/12/17 12:0 a.m.•20 views

Ability Mail Server 2013 3.1.1 - Web UI Persistent Cross-Site Scripting

Ability Mail Server 2013 3.1.1 - Web UI Persistent Cross-Site Scripting !/usr/bin/env python ''' Exploit Title: Ability Mail Server 2013 Stored XSS Date: 12/20/2013 Exploit Author: David Um Vendor Homepage: http://www.code-crafters.com/ Software Link: http://download.code-crafters.com/ams.exe...

4.3CVSS6.2AI score0.01441EPSS

Exploit DB•added 2013/12/17 12:0 a.m.•23 views

Ability Mail Server 2013 3.1.1 - Web UI Persistent Cross-Site Scripting

!/usr/bin/env python ''' Exploit Title: Ability Mail Server 2013 Stored XSS Date: 12/20/2013 Exploit Author: David Um Vendor Homepage: http://www.code-crafters.com/ Software Link: http://download.code-crafters.com/ams.exe Version: 3.1.1 Tested on: Windows Server 2003 SP2 CVE : CVE-2013-6162...

4.3CVSS7AI score0.01441EPSS

Exploit DB•added 2013/12/17 12:0 a.m.•46 views

Ditto Forensic FieldStation 2013Oct15a - Multiple Vulnerabilities

Title: Ditto Forensic FieldStation, multiple vulnerabilities Versions affected: = 2013Oct15a all Vendor: CRU Wiebetech Discovered by: Martin Wundram Email: [email protected] Date found: 2013-04-22 Date published: 2013-12-12 Status: partially patched 0 ======== Introduction / Background / Impac...

10CVSS6.4AI score0.12607EPSS

Exploits8

exploitpack•added 2013/12/16 12:0 a.m.•16 views

Wallpaper Script 3.5.0082 - Persistent Cross-Site Scripting

Wallpaper Script 3.5.0082 - Persistent Cross-Site Scripting Exploit Title : Wallpaper Script Stored XSS Vulnerability D0rk Google : Author : nullp0int3r [email protected] Version : 3.5.0082 Date : 2013-12-14 Vendor Homepage: http://www.wallpaperscript.com/ Test on : Windows Exploitation: 1...

6.8AI score