Lucene search
K

580 matches found

ThreatPost
ThreatPost
added 2014/09/18 10:57 a.m.26 views

Dyre Trojan Targeting More than Salesforce.com Credentials

The criminals who unleashed a variant of the Dyre banking Trojan recently may have more up their sleeve than harvesting Salesforce.com credentials. Analysis of a sample conducted by SaaS security company Adallom determined that the new strain of Dyre is targeting large enterprises in addition to...

0.9AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2014/09/17 12:0 a.m.7 views

SALESFORCE Cloud Service Detection

Binary data 8511.prm...

7.3AI score
Exploits0
ThreatPost
ThreatPost
added 2014/09/08 2:2 p.m.12 views

Salesforce Warns Customers of Dyreza Banker Trojan Attacks

Salesforce.com is warning its customers that the Dyreza banker Trojan is now believed to be targeting some of the company’s users. The Trojan, which has the ability to bypass SSL, typically goes after customers of major banks, but seems to be expanding its reach. Dyreza is relatively new among th...

1.5AI score
Exploits0References2
WPVulnDB
WPVulnDB
added 2014/08/01 10:59 a.m.5 views

WordPress-to-Lead for Salesforce CRM 1.0.1 - salesforce.php salesforce_form_shortcode Function Error Message H&ling XSS

The Brilliant Web-to-Lead for Salesforce WordPress plugin was affected by a salesforce.php salesforceformshortcode Function Error Message H XSS security vulnerability...

1.4AI score
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2014/08/01 10:59 a.m.8 views

WordPress-to-Lead for Salesforce CRM 1.0 - salesforce.php Multiple Parameter XSS

The Brilliant Web-to-Lead for Salesforce WordPress plugin was affected by a salesforce.php Multiple Parameter XSS security vulnerability...

2.2AI score
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2014/08/01 10:59 a.m.8 views

WordPress-to-Lead for Salesforce CRM 1.0.4 - ov_plugin_tools.php textinput Function XSS

The Brilliant Web-to-Lead for Salesforce WordPress plugin was affected by an ovplugintools.php textinput Function XSS security vulnerability...

2.7AI score
Exploits0Affected Software1
Patchstack
Patchstack
added 2014/08/01 12:0 a.m.9 views

WordPress To Lead For Salesforce Plugin <= 1.0.1 - Cross Site Scripting

This plugin is prone to salesforce.php salesforceformshortcode Function Error Message H&ling cross site scripting vulnerability. Solution Update the plugin...

1AI score
Exploits0Affected Software1
Patchstack
Patchstack
added 2014/08/01 12:0 a.m.9 views

WordPress To Lead For Salesforce Plugin <= 1.0.4 - Cross Site Scripting

This plugin is prone to ovplugintools.php textinput function cross site scripting vulnerability. Solution Upgrade this plugin...

1.7AI score
Exploits0Affected Software1
Patchstack
Patchstack
added 2014/08/01 12:0 a.m.7 views

WordPress To Lead For Salesforce Plugin <= 1.0 - Cross Site Scripting

This plugin is prone to a salesforce.php multiple parameter cross site scripting vulnerability. Solution Update the plugin...

1.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/07/14 3:28 a.m.22 views

Reflected XSS affecting Confluence via Gadgets

Steps to recreate: 1. To view the reflected XSS affecting JIRA, present on the current JIRA installation jira.atlassian.com visit the following link: noformat...

0.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/07/14 3:28 a.m.21 views

Reflected XSS affecting Confluence via Gadgets

Steps to recreate: 1. To view the reflected XSS affecting JIRA, present on the current JIRA installation jira.atlassian.com visit the following link: noformat...

0.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/07/14 3:28 a.m.29 views

Reflected XSS affecting Confluence via Gadgets

Steps to recreate: 1. To view the reflected XSS affecting JIRA, present on the current JIRA installation jira.atlassian.com visit the following link: noformat...

0.3AI score
Exploits0
Atlassian
Atlassian
added 2014/06/25 11:54 p.m.19 views

Bruteforce Attack via Applinks Servlet

An attacker is able to perform bruteforce attacks via the applinks servlet. There is no captcha protection, nor do accounts get locked out after excessive attempts. The attacker can input a username, and perform bruteforce attacks on the login form. The core issue is that there is no login attemp...

1.6AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/06/24 6:34 a.m.23 views

Reflected XSS affecting JIRA via Gadgets

Steps to recreate: 1. To view the reflected XSS affecting JIRA, present on the current JIRA installation jira.atlassian.com visit the following link: noformat...

0.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/06/24 6:34 a.m.23 views

Reflected XSS affecting JIRA via Gadgets

Steps to recreate: 1. To view the reflected XSS affecting JIRA, present on the current JIRA installation jira.atlassian.com visit the following link: noformat...

0.3AI score
Exploits0Affected Software1
The Hacker News
The Hacker News
added 2014/02/20 1:21 a.m.15 views

ZeuS Trojan variant Targets Salesforce accounts and SaaS Applications

Zeus, a financially aimed Banking Trojan that comes in many different forms and flavors, is capable to steal users' online-banking credentials once installed. This time, an infamous Zeus Trojan has turned out to be a more sophisticated piece of malware that uses web-crawling action. Instead of...

6.7AI score
Exploits0
securityvulns
securityvulns
added 2012/12/10 12:0 a.m.63 views

Video Lead Form Plugin Cross-Site Scripting Vulnerabilities which affects Wordpress URL

Exploit Title : Video Lead Form Plugin Cross-Site Scripting Vulnerabilities which affects Wordpress URL Author: Aditya Balapure home: http://adityabalapure.blogspot.in/ Date: 24/11/12 version: 0.5 software link: http://wordpress.org/extend/plugins/video-lead-form/ Video Lead Form plugin descripti...

5.7AI score
Exploits0
Packet Storm
Packet Storm
added 2012/11/30 12:0 a.m.48 views

WordPress Video Lead Form 0.5 Cross Site Scripting

Exploit Title : Video Lead Form Plugin Cross-Site Scripting Vulnerabilities which affects Wordpress URL Author: Aditya Balapure home: http://adityabalapure.blogspot.in/ Date: 24/11/12 version: 0.5 software link: http://wordpress.org/extend/plugins/video-lead-form/ Video Lead Form plugin descripti...

4.3CVSS6.6AI score0.03236EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2012/09/21 12:0 a.m.6 views

Salesforce Application Detection

Binary data 6585.prm...

7.3AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2009/11/04 12:0 a.m.27 views

BlackBerry Desktop Manager Intellisync ActiveX Control Arbitrary Remote Code Execution

The version of the Lotus Notes Intellisync component 'lnsresobject.dll' included with the BlackBerry Desktop Software installation on the remote host reportedly contains an unspecified error that can be exploited to execute arbitrary code. If an attacker can trick a user on the affected host into...

9.3CVSS6.3AI score0.03939EPSS
Exploits1References2
Rows per page
Query Builder