7647 matches found

Vulnerability Lab
added 2012/08/12 12:0 a.m., 16 views

SonicWall UTM ES WAF - Input Filter Bypass Vulnerability

Document Title: =============== SonicWall UTM ES WAF - Input Filter Bypass Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=545 Release Date: ============= 2012-08-12 Vulnerability Laboratory ID VL-ID: ==================================== 54...

0.4 AI score
Exploits: 0
0day.today
added 2012/08/11 12:0 a.m., 16 views

Social Engine 4.2.5 Cross Site Scripting

Exploit for php platform in category web applications Social Engine 4.2.5 Cross Site Scripting Details: ======== 1.1 Multiple persistent input validation vulnerabilities are detected in the Social Engine v4.2.5 web application. The bug allows attackers to implement/inject malicious script code...

7.1 AI score
Exploits: 0
0day.today
added 2012/08/11 12:0 a.m., 29 views

Nike+ Panel / Mobile App Cross Site Scripting

Exploit for php platform in category web applications Nike+ Panel & Mobile App - Multiple Web Vulnerabilities Details: ======== Multiple persistent input validation vulnerabilities are detected in the Nike+ Control Panel & fuelband mobile web application. The bug allows attackers to...

7.1 AI score
Exploits: 0
Exploit DB
added 2012/08/11 12:0 a.m., 25 views

Flynax General Classifieds CMS 4.0 - Multiple Vulnerabilities

Title: ====== Flynax General Classifieds v4.0 CMS - Multiple Vulnerabilities Date: ===== 2012-07-13 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=659 VL-ID: ===== 659 Common Vulnerability Scoring System: ==================================== 8.3 Introduction:...

7.4 AI score
Exploits: 0
ThreatPost
added 2012/08/09 2:48 a.m., 9 views

Poll Finds Security Practitioners Falsely Believe They're Protected Against APTs

If a recent poll of 1,000 security professionals is any indication, there remains a significant learning gap in understanding advanced persistent threats – and therefore building a strong defense to resist them. The survey conducted by FireEye’s Malware Intelligence Lab showed nearly 60 percent o...

0.2 AI score
Exploits: 0, References: 2
Atlassian
added 2012/08/08 7:48 a.m., 18 views

Persistent xss flaw in the revision history (of comments).

NOTE: This bug report is for Confluence Cloud. Using Confluence Server? See the corresponding bug report: http://jira.atlassian.com/browse/CONFSERVER-47387. Whilst a comment is HTML encoded/sanitized when displayed within an answer to a question the revision history pag...

1.3 AI score
Exploits: 0, Affected Software: 1
Atlassian
added 2012/08/08 3:47 a.m., 19 views

persistent xss vulnerability through uploaded files in IE8/9

NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report: http://jira.atlassian.com/browse/CONFCLOUD-46953. It is possible to upload a number of file types checked by extension to an answers instance and then download them...

1.4 AI score
Exploits: 0, Affected Software: 1
exploitpack
added 2012/08/08 12:0 a.m., 25 views

iauto mobile Application 2012 - Multiple Vulnerabilities

iauto mobile Application 2012 - Multiple Vulnerabilities Title: ====== iAuto Mobile Application 2012 - Multiple Web Vulnerabilities Date: ===== 2012-07-11 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=658 VL-ID: ===== 658 Common Vulnerability Scoring System:...

0.4 AI score
Exploits: 0
exploitpack
added 2012/08/08 12:0 a.m., 15 views

WordPress Plugin mini mail Dashboard widget 1.42 - Persistent Cross-Site Scripting

WordPress Plugin mini mail Dashboard widget 1.42 - Persistent Cross-Site Scripting !/usr/bin/python ''' Author: loneferret of Offensive Security Product: Mini Mail Dashboard Widget Version: 1.42 Software Download: http://wordpress.org/extend/plugins/mini-mail-dashboard-widget/ Timeline: 29 May...

6.7 AI score
Exploits: 0
exploitpack
added 2012/08/08 12:0 a.m., 18 views

emailarchitect enterprise email server 10.0 - Persistent Cross-Site Scripting

emailarchitect enterprise email server 10.0 - Persistent Cross-Site Scripting !/usr/bin/python ''' Author: loneferret of Offensive Security Product: EmailArchitect Enterprise Email Server Version: 10.0 Vendor Site: http://www.emailarchitect.net Software Download Link:...

6.8 AI score
Exploits: 0
exploitpack
added 2012/08/08 12:0 a.m., 14 views

escon supportportal pro 3.0 - Persistent Cross-Site Scripting

escon supportportal pro 3.0 - Persistent Cross-Site Scripting !/usr/bin/python ''' Author: loneferret of Offensive Security Product: ESCON SupportPortal Pro Version: 3.0 Vendor Site: http://www.e-supportportal.com Software Download: http://www.e-supportportal.com/download.html Timeline: 29 May...

6.8 AI score
Exploits: 0
exploitpack
added 2012/08/08 12:0 a.m., 11 views

Inout Mobile Webmail APP - Persistent Cross-Site Scripting

Inout Mobile Webmail APP - Persistent Cross-Site Scripting Title: ====== Inout Mobile Webmail APP - Multiple Web Vulnerabilities Date: ===== 2012-06-08 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=609 VL-ID: ===== 609 Common Vulnerability Scoring System:...

6.8 AI score
Exploits: 0
exploitpack
added 2012/08/08 12:0 a.m., 10 views

T-dah Webmail Client 3.2.0-2.3 - Persistent Cross-Site Scripting

T-dah Webmail Client 3.2.0-2.3 - Persistent Cross-Site Scripting !/usr/bin/python ''' Author: loneferret of Offensive Security Product: T-dah Webmail Client Version: 3.2.0-2.3 Vendor Site: http://t-dahmail.sourceforge.net/index.php Software Download: http://sourceforge.net/projects/t-dahmail/...

6.8 AI score
Exploits: 0
exploitpack
added 2012/08/08 12:0 a.m., 19 views

winwebmail server 3.8.1.6 - Persistent Cross-Site Scripting

winwebmail server 3.8.1.6 - Persistent Cross-Site Scripting !/usr/bin/python ''' Author: loneferret of Offensive Security Product: WinWebMail Server Version: 3.8.1.6 Vendor Site: http://www.winwebmail.net Software Download: http://www.winwebmail.net/email-server-download.html Timeline: 29 May 201...

6.8 AI score
Exploits: 0
Exploit DB
added 2012/08/08 12:0 a.m., 30 views

WordPress Plugin mini mail Dashboard widget 1.42 - Persistent Cross-Site Scripting

!/usr/bin/python ''' Author: loneferret of Offensive Security Product: Mini Mail Dashboard Widget Version: 1.42 Software Download: http://wordpress.org/extend/plugins/mini-mail-dashboard-widget/ Timeline: 29 May 2012: Vulnerability reported to CERT 30 May 2012: Response received from CERT with...

7.4 AI score
Exploits: 0
Packet Storm
added 2012/08/07 12:0 a.m., 16 views

Inoutmail Webmail CMS 2012 Cross Site Scripting

Title: ====== Inout Mobile Webmail APP - Multiple Web Vulnerabilities Date: ===== 2012-06-08 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=609 VL-ID: ===== 609 Common Vulnerability Scoring System: ==================================== 3.5 Abstract: ========= The...

7.4 AI score
Exploits: 0
Packet Storm
added 2012/08/07 12:0 a.m., 35 views

VMware Vendor Service Cross Site Scripting

Title: ====== VMware Vendor Service - Multiple Web Vulnerabilities Date: ===== 2012-05-16 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=419 VL-ID: ===== 419 Common Vulnerability Scoring System: ==================================== 5.2 Introduction: ============= VMwar...

0.2 AI score
Exploits: 0
Vulnerability Lab
added 2012/08/06 12:0 a.m., 27 views

eFront Enterprise v3.6.11 - Multiple Web Vulnerabilities

Document Title: =============== eFront Enterprise v3.6.11 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=668 Release Date: ============= 2012-08-06 Vulnerability Laboratory ID VL-ID: ==================================== 66...

7.1 AI score
Exploits: 0
Patchstack
added 2012/08/05 12:0 a.m., 10 views

WordPress Effective Lead Management Plugin 3.0.0 - Persistent XSS

Effective Lead Management plugin is prone to a persistent XSS vulnerability. If the JavaScript is included in the name or in the "requirements" field, this vulnerability will fire when the admin views the lead management page. Solution: Update the plugin...

2.8 AI score
Exploits: 0, References: 1, Affected Software: 1
Atlassian
added 2012/08/03 3:17 a.m., 23 views

XSS vulnerability in the "import word document" page action through the page name

On the "import word document" page action the name of the confluence page is a persistent xss vector as it is not encoded. How to Reproduce: 1. Create a confluence page with the following title noformat XSS"/alert'XSS' noformat 2. Navigate to the created page 3. Under the tools menu select "Impor...

0.6 AI score
Exploits: 0, Affected Software: 1