161 matches found
CVE-2023-43884
A Cross-site scripting XSS vulnerability in Reference ID from the panel Transactions, of Subrion v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into 'Reference ID' parameter...
CVE-2023-43884
A Cross-site scripting XSS vulnerability in Reference ID from the panel Transactions, of Subrion v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into 'Reference ID' parameter...
CVE-2023-43884
A Cross-site scripting XSS vulnerability in Reference ID from the panel Transactions, of Subrion v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into 'Reference ID' parameter...
CVE-2014-8563
creationtimestamp| type| source ---|---|--- 2020-01-27 23:37:38+00:00| seen| https://t.me/cveNotify/471...
Razer: Improper access control on easytopup.in.th transaction page leads to user's information disclosure and may lead to account hijacking
The tester discovered a Razer Gold Thailand server was vulnerable to information disclosure due to the use of a predicable reference ID in application URLs which could lead to the ability obtain phone numbers. Razer thanks the tester for his clear report...
CVE-2019-16787
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-19905. Reason: This candidate is a duplicate of CVE-2019-19905. Notes: All CVE users should reference CVE-2019-19905 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...
CVE-2018-19559
CuppaCMS before 2018-11-12 has SQL Injection in administrator/classes/ajax/functions.php via the referenceid parameter...
CuppaCMS SQL Injection Vulnerability
CuppaCMS is a content management system CMS. A SQL injection vulnerability exists in the administrator/classes/ajax/functions.php file in CuppaCMS 2018-11-12 and earlier versions. A remote attacker can exploit the vulnerability to execute SQL commands with the help of 'referenceid' parameter...
Privilege escalation
An elevation of privilege vulnerability in the MediaTek command queue driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions:...
Code injection
Unspecified vulnerability on the TANDBERG Video Communication Server VCS before X5.0 allows remote attackers to execute arbitrary code via unknown vectors, aka Reference ID 69773...
CVE-2010-1356
Unspecified vulnerability on the TANDBERG Video Communication Server VCS before X5.0 allows remote attackers to execute arbitrary code via unknown vectors, aka Reference ID 69773...
Cross site scripting
Cross-site scripting XSS vulnerability on the TANDBERG Video Communication Server VCS before X5.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Reference ID 66316...
CVE-2010-1356
Unspecified vulnerability on the TANDBERG Video Communication Server VCS before X5.0 allows remote attackers to execute arbitrary code via unknown vectors, aka Reference ID 69773...
CVE-2010-1355
The CVE-2010-1355 entry concerns a Cross-site Scripting (XSS) vulnerability in the TANDBERG Video Communication Server (VCS) prior to X5.0. The connected sources confirm the affected product and that the vulnerability is XSS with unspecified vectors, allowing remote attackers to inject arbitrary ...
ntp-info NSE Script
Gets the time and configuration variables from an NTP server. We send two requests: a time request and a "read variables" opcode 2 control message. Without verbosity, the script shows the time and the value of the version, processor, system, refid, and stratum variables. With verbosity, all...
CVE-2009-3223
creationtimestamp| type| source ---|---|--- 2009-07-27 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/9271...
CVE-2007-6442
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6114. Reason: This candidate is a duplicate of CVE-2007-6114. Notes: All CVE users should reference CVE-2007-6114 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...
CVE-2006-0975
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-0459. Reason: This candidate is a reservation duplicate of CVE-2006-0459. Notes: All CVE users should reference CVE-2006-0459 instead of this candidate. All references and descriptions in this candidate have been removed to...
CVE-2005-2913
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-2799. Reason: This candidate is a duplicate of CVE-2005-2799. Notes: All CVE users should reference CVE-2005-2799 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...
MS:3667303B-4434-41E6-A501-6F7566B9AB8D
...