Lucene search
+L

6058 matches found

WPVulnDB
WPVulnDB
added 2014/08/01 10:58 a.m.26 views

WP Symposium 13.04 - Unvalidated Redirect

The wp-symposium WordPress plugin was affected by an Unvalidated Redirect security vulnerability...

5.8CVSS1.9AI score0.02008EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2014/07/09 10:0 a.m.2 views

EUVD-2014-3494

The cdfreadpropertyinfo function in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate a stream offset, which allows remote attackers to cause a denial of service application crash via a crafted CDF file...

4.3CVSS7.3AI score0.14927EPSS
Exploits0References29
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.11 views

Oracle Identity Manager 11g R2 SP1 (11.1.2.1.0) - Unvalidated Redirects

No description provided by source. Unvalidated Redirects on Oracle Identity Manager ======================================================================= ADVISORY INFORMATION Title: Unvalidated Redirects on Oracle Identity Manager Discovery date: 10/12/2013 Release date: 03/04/2014 Vendor...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

Sysinternals Regmon 6.11 Local Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11042/info Regmon is reported prone to a local denial of service vulnerability. This issue presents itself because the application fails to handle exceptional conditions and references unvalidated pointers to kernel...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

Spreecommerce 0.60.1 Arbitrary Command Execution

No description provided by source. $Id: spreesearchexec.rb 13831 2011-10-07 17:45:15Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms o...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.30 views

PhpMyAdmin Client Side 0Day Code Injection and Redirect Link Falsification

No description provided by source. PhpMyAdmin Client Side 0Day Code Injection and Redirect Link Falsification Credits: Emanuele 'emgent' Gentili [email protected] Marco 'whitesheep' Rondini [email protected] Alessandro 'scox' Scoscia [email protected] In error.php, PhpMyAdmi...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

Spreecommerce < 0.50.0 Arbitrary Command Execution

No description provided by source. $Id: spreesearchlogicexec.rb 12397 2011-04-21 19:38:42Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.30 views

openSUSE Security Update : libX11 (openSUSE-SU-2013:1047-1)

This update of libX11 fixes several security issues. - U0001-integer-overflow-in-XQueryFont-on-32-bit-platfor ms-.patch, U0002-integer-overflow-in-XF86BigfontQueryFont-CVE-201 3-1.patch, U0003-integer-overflow-in-XListFontsWithInfo-CVE-2013-1 981.patch,...

6.8CVSS7.5AI score0.02109EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.28 views

openSUSE Security Update : libXt (openSUSE-SU-2013:1008-1)

This update of libXt fixes several security issues. - U0001-unvalidated-length-in-XtResourceConfigurationEH- CVE.patch - unvalidated length in XtResourceConfigurationEH CVE-2013-2002 bnc821670, bnc815451 - U0001-Unchecked-return-values-of-XGetWindowProperty-CVE -20.patch - Unchecked return values...

6.8CVSS8.2AI score0.03082EPSS
Exploits0References5
Atlassian
Atlassian
added 2014/05/26 2:4 p.m.17 views

Persistent Cross Site Scripting Flaw in User Profiles

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Cloud. Using Confluence Server? See the corresponding bug report|http://jira.atlassian.com/browse/CONFSERVER-46664. panel A persistent cross site scripting flaw exists in user profiles when the user updates his/her Homepage URL from the...

0.3AI score
Exploits0Affected Software1
securityvulns
securityvulns
added 2014/05/04 12:0 a.m.58 views

Сross-Site Request Forgery &#40;CSRF&#41; in XCloner Standalone

Advisory ID: HTB23207 Product: XCloner Standalone Vendor: XCloner Vulnerable Versions: 3.5 and probably prior Tested Version: 3.5 Advisory Publication: March 14, 2014 without technical details Vendor Notification: March 14, 2014 Public Disclosure: April 9, 2014 Vulnerability Type: Cross-Site...

7.6CVSS0.2AI score0.0621EPSS
Exploits6
0day.today
0day.today
added 2014/04/04 12:0 a.m.20 views

Oracle Identity Manager 11g R2 SP1 (11.1.2.1.0) - Unvalidated Redirects

Exploit for php platform in category web applications Unvalidated Redirects on Oracle Identity Manager ======================================================================= ADVISORY INFORMATION Title: Unvalidated Redirects on Oracle Identity Manager Discovery date: 10/12/2013 Release date:...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2014/04/03 12:0 a.m.10 views

Oracle Identity Manager 11g R2 SP1 (11.1.2.1.0) - Unvalidated Redirects

Oracle Identity Manager 11g R2 SP1 11.1.2.1.0 - Unvalidated Redirects Unvalidated Redirects on Oracle Identity Manager ======================================================================= ADVISORY INFORMATION Title: Unvalidated Redirects on Oracle Identity Manager Discovery date: 10/12/2013...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2014/04/03 12:0 a.m.19 views

Oracle Identity Manager 11g R2 SP1 Unvalidated Redirect

Unvalidated Redirects on Oracle Identity Manager ======================================================================= ADVISORY INFORMATION Title: Unvalidated Redirects on Oracle Identity Manager Discovery date: 10/12/2013 Release date: 03/04/2014 Vendor Homepage: www.oracle.com Version: Oracle...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2014/04/03 12:0 a.m.25 views

Oracle Identity Manager 11g R2 SP1 (11.1.2.1.0) - Unvalidated Redirects

Unvalidated Redirects on Oracle Identity Manager ======================================================================= ADVISORY INFORMATION Title: Unvalidated Redirects on Oracle Identity Manager Discovery date: 10/12/2013 Release date: 03/04/2014 Vendor Homepage: www.oracle.com Version: Oracle...

7.4AI score
Exploits0
Hacker One
Hacker One
added 2014/03/03 10:6 p.m.13 views

Slack: Content Spoofing

Here is an unvalidated insertion of an image, resulting to content spoofing https://awayon.slack.com/account/photo?url=http://www.thenewstribe.com/wp-content/uploads/2014/01/Syrian-Electronic-Army-hacked-CNN.jpg It displays any photo, what the attacker must know is just the "awayon" or the team...

0.8AI score
Exploits0
Prion
Prion
added 2014/02/18 11:55 a.m.14 views

Design/Logic Flaw

The client in Jetro COCKPIT Secure Browsing JCSB 4.3.1 and 4.3.3 does not validate the FileName element in an RDPFILETRANSFER document, which allows remote JCSB servers to execute arbitrary programs by providing a .EXE extension...

9.3CVSS7.8AI score0.01413EPSS
Exploits0References2Affected Software1
Drupal
Drupal
added 2013/10/16 6:39 p.m.6 views

SA-CONTRIB-2013-080 - Simplenews - Cross Site Scripting (XSS)

This module enables you to publish and send newsletters to lists of subscribers. The module also includes an API that other modules can use to register subscribers. The module doesn't sufficiently sanitize e-mail addresses prior to outputting. The provided forms sign-up, mass import, .. validate...

4.3CVSS5.5AI score0.02688EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2013/10/11 12:0 a.m.40 views

Cisco Open Network Environment Platform Unvalidated Pointer (CSCui51551)

A vulnerability in the Open Network Environment Platform ONEP could allow an authenticated, remote attacker to cause the network element to reload. The vulnerability is due to insufficient pointer validation. An attacker could exploit this vulnerability by sending a crafted packet to an...

6.3CVSS5.6AI score0.01601EPSS
Exploits0References2
0day.today
0day.today
added 2013/10/10 12:0 a.m.65 views

BoltWire 3.5 Cross Site Scripting Vulnerability

BoltWire versions 3.5 and beloBoltWire versions 3.5 and below suffer from multiple cross site scripting vulnerabilities.w suffer from multiple cross site scripting vulnerabilities. ============================================= INTERNET SECURITY AUDITORS ALERT 2013-010 - Original release date: Mar...

4.3CVSS6.3AI score0.0215EPSS
Exploits3
Rows per page
Query Builder