Lucene search
K

11 matches found

Cvelist
Cvelist
added 2025/12/01 12:0 a.m.9 views

CVE-2025-51683

A blind SQL Injection SQLi vulnerability in mJobtime v15.7.2 allows unauthenticated attackers to execute arbitrary SQL statements via a crafted POST request to the /Default.aspx/updateprofileServer endpoint...

0.00381EPSS
Exploits2References1
OSV
OSV
added 2025/02/12 2:15 p.m.3 views

CVE-2025-26363

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to enable an authentication profile server via crafted HTTP requests...

7.5CVSS5.8AI score0.00517EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/02/12 12:0 a.m.5 views

PT-2025-7152 · Q Free · Q-Free Maxtime

Name of the Vulnerable Software and Affected Versions: Q-Free MaxTime versions 2.11.0 and earlier Description: The issue is related to a missing authentication for a critical function in the maxprofile/setup/routes.lua file. This allows an unauthenticated remote attacker to enable an authenticati...

7.5CVSS7.2AI score0.00517EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/02/12 12:0 a.m.4 views

Q-Free MAXTIME Suite 访问控制错误漏洞

Q-Free MAXTIME Suite is a software suite for local traffic signal management from Q-Free. An access control error vulnerability exists in Q-Free MAXTIME Suite version 2.11.0 and prior versions, which stems from a lack of authentication for critical functions in maxprofile/setup/routes.lua. An...

7.5CVSS6.7AI score0.00517EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/20 8:17 p.m.3 views

Malicious code in fxa-profile-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9951fa605bb2df4520bedd105a7e1b9c0c3719b4fcc2ca3eb3cf26ea57d65042 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
CNVD
CNVD
added 2015/10/22 12:0 a.m.3 views

Multiple Cross-Site Scripting Vulnerabilities in HP Smart Profile Server Data Analytics Layer

HP Smart Profile Server Data Analytics Layer is a product from Hewlett-Packard HP designed for communications service providers to manage and analyze customer data for telecom business needs. Multiple cross-site scripting vulnerabilities exist in HP Smart Profile Server Data Analytics Layer versi...

4.3CVSS6.1AI score0.01662EPSS
Exploits0References1
Prion
Prion
added 2015/10/18 10:59 a.m.10 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in HP Smart Profile Server Data Analytics Layer SPS DAL 2.3 before 2.3.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.01662EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2015/10/18 10:59 a.m.13 views

CVE-2015-5444

Multiple cross-site scripting XSS vulnerabilities in HP Smart Profile Server Data Analytics Layer SPS DAL 2.3 before 2.3.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.8AI score0.01662EPSS
Exploits0References1
Cvelist
Cvelist
added 2015/10/18 10:0 a.m.18 views

CVE-2015-5444

Multiple cross-site scripting XSS vulnerabilities in HP Smart Profile Server Data Analytics Layer SPS DAL 2.3 before 2.3.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.8AI score0.01662EPSS
Exploits0References1
CVE
CVE
added 2015/10/18 10:0 a.m.42 views

CVE-2015-5444

CVE-2015-5444 affects HP Smart Profile Server Data Analytics Layer (SPS DAL) 2.3 up to 2.3.4; multiple XSS vulnerabilities allow remote attackers to inject arbitrary web script via unspecified vectors. Root cause details aren’t explicitly stated in the connected documents. Impact is remote code e...

4.3CVSS5.9AI score0.01662EPSS
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.29 views

Kcms Profile Server

The Kodak Color Management System service is running. The KCMS service on Solaris 2.5 could allow a local user to write to arbitrary files and gain root access. Patches: 107337-02 SunOS 5.7 has been released and the following should be out soon: 111400-01 SunOS 5.8, 111401-01 SunOS 5.8x86...

4.6CVSS6.8AI score0.01253EPSS
Exploits1References3
Rows per page
Query Builder