Lucene search
K

90 matches found

htbridge
htbridge
added 2015/05/06 12:0 a.m.507 views

Local PHP File Inclusion in ResourceSpace

High-Tech Bridge Security Research Lab discovered vulnerability in ResourceSpace, which can be exploited to include arbitrary local PHP file, execute PHP code, and compromise vulnerable web application and even entire web server on which the application is hosted. The vulnerability exists due to...

7.6CVSS6.5AI score0.08083EPSS
Exploits3Affected Software1
securityvulns
securityvulns
added 2014/12/22 12:0 a.m.121 views

ResourceSpace Multiple Cross Site Scripting, and HTML and SQL Injection Vulnerabilities

Title: ResourceSpace Multiple Cross Site Scripting, and HTML and SQL Injection Vulnerabilities Author: Petri Iivonen Contact: petri.iivonenattmbcgovuk Discovered: 11 June 2014 Updated: 11 December 2014 Published: 11 December 2014 Vendor: Montala Limited Vendor url: www.resourcespace.org Software:...

8.4AI score
Exploits0
0day.today
0day.today
added 2014/12/18 12:0 a.m.45 views

ResourceSpace 6.4.5976 - XSS / SQL Injection / Insecure Cookie Handling

Exploit for php platform in category web applications Title: ResourceSpace Multiple Cross Site Scripting, and HTML and SQL Injection Vulnerabilities Author: Adler Freiheit Discovered: 11 June 2014 Updated: 11 December 2014 Published: 11 December 2014 Vendor: Montala Limited Vendor url:...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2014/12/15 12:0 a.m.23 views

ResourceSpace 6.4.5976 - Cross-Site Scripting SQL Injection Insecure Cookie Handling

ResourceSpace 6.4.5976 - Cross-Site Scripting SQL Injection Insecure Cookie Handling ​Title: ResourceSpace Multiple Cross Site Scripting, and HTML and SQL Injection Vulnerabilities Author: Adler Freiheit Discovered: 11 June 2014 Updated: 11 December 2014 Published: 11 December 2014 Vendor: Montal...

8.1AI score
Exploits0
Exploit DB
Exploit DB
added 2014/12/15 12:0 a.m.46 views

ResourceSpace 6.4.5976 - Cross-Site Scripting / SQL Injection / Insecure Cookie Handling

​Title: ResourceSpace Multiple Cross Site Scripting, and HTML and SQL Injection Vulnerabilities Author: Adler Freiheit Discovered: 11 June 2014 Updated: 11 December 2014 Published: 11 December 2014 Vendor: Montala Limited Vendor url: www.resourcespace.org Software: ResourceSpace Digital Asset...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2014/12/11 12:0 a.m.35 views

ResourceSpace 6.4.5976 XSS / SQL Injection / Insecure Cookie Handling

Title: ResourceSpace Multiple Cross Site Scripting, and HTML and SQL Injection Vulnerabilities Author: Petri Iivonen Contact: petri.iivonenattmbcgovuk Discovered: 11 June 2014 Updated: 11 December 2014 Published: 11 December 2014 Vendor: Montala Limited Vendor url: www.resourcespace.org Software:...

0.1AI score
Exploits0
NVD
NVD
added 2011/11/19 3:58 a.m.13 views

CVE-2011-4311

ResourceSpace before 4.2.2833 does not properly validate access keys, which allows remote attackers to bypass intended resource restrictions via unspecified vectors...

5CVSS6.7AI score0.01571EPSS
Exploits0References3
Prion
Prion
added 2011/11/19 3:58 a.m.11 views

Design/Logic Flaw

ResourceSpace before 4.2.2833 does not properly validate access keys, which allows remote attackers to bypass intended resource restrictions via unspecified vectors...

5CVSS7.2AI score0.01571EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2011/11/19 2:0 a.m.39 views

CVE-2011-4311

CVE-2011-4311 affects ResourceSpace before 4.2.2833, where improper validation of access keys allows remote attackers to bypass intended resource restrictions via unspecified vectors. The vulnerability enables unauthorized access without specific vectors described in the provided documents. No ex...

5CVSS6.9AI score0.01571EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2011/11/19 2:0 a.m.22 views

CVE-2011-4311

ResourceSpace before 4.2.2833 does not properly validate access keys, which allows remote attackers to bypass intended resource restrictions via unspecified vectors...

6.7AI score0.01571EPSS
Exploits0References3
Rows per page
Query Builder