Lucene search
+L

736 matches found

Tenable Nessus
Tenable Nessus
added 2013/09/19 12:0 a.m.58 views

WordPress < 3.6.1 Multiple Vulnerabilities

According to its version number, the WordPress install hosted on the remote web server is affected by multiple vulnerabilities : - Unsafe PHP de-serialization could occur in limited situations and setups, which could lead to remote code execution. CVE-2013-4338 - Open redirect/insufficient input...

7.5CVSS5.5AI score0.08749EPSS
Exploits8References14
NVD
NVD
added 2013/09/06 11:15 a.m.22 views

CVE-2013-3599

userlogin.jsp in Coursemill Learning Management System LMS 6.6 and 6.8 allows remote attackers to gain privileges via a modified user-role value to home.html...

9.3CVSS6.9AI score0.0193EPSS
Exploits0References1
Prion
Prion
added 2013/09/06 11:15 a.m.15 views

Design/Logic Flaw

userlogin.jsp in Coursemill Learning Management System LMS 6.6 and 6.8 allows remote attackers to gain privileges via a modified user-role value to home.html...

9.3CVSS7.4AI score0.0193EPSS
Exploits0References1Affected Software1
0day.today
0day.today
added 2013/05/29 12:0 a.m.21 views

WordPress User Role Editor 3.12 Cross Site Request Forgery

WordPress User Role Editor plugin version 3.12 suffers from a cross site request forgery vulnerability Exploit Title: WP User Role Editor CSRF Date: 19/5/13 Exploit Author: Henry Hoggard Author Website: http://henryhoggard.co.uk Vendor Homepage:https://wordpress.org/support/plugin/user-role-edito...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2013/05/27 12:0 a.m.20 views

WordPress User Role Editor 3.12 Cross Site Request Forgery

Exploit Title: WP User Role Editor CSRF Date: 19/5/13 Exploit Author: Henry Hoggard Author Website: http://henryhoggard.co.uk Vendor Homepage:https://wordpress.org/support/plugin/user-role-editor Software Link:https://wordpress.org/support/plugin/user-role-editor Version: =3.12 Tested on: Debian...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2013/05/26 12:0 a.m.10 views

WordPress Plugin User Role Editor 3.12 - Cross-Site Request Forgery

WordPress Plugin User Role Editor 3.12 - Cross-Site Request Forgery Exploit Title: WP User Role Editor CSRF Date: 19/5/13 Exploit Author: Henry Hoggard Author Website: http://henryhoggard.co.uk Vendor Homepage:https://wordpress.org/support/plugin/user-role-editor Software...

Exploits0
Patchstack
Patchstack
added 2013/05/26 12:0 a.m.12 views

WordPress User Role Editor Plugin 3.12 - CSRF

User Role Editor plugin is prone to a cross site request forgery vulnerability. It allows an attacker to gain unauthorized access to the affected application by performing certain actions in the context of an authorized user's session. Solution Update the plugin...

3.7AI score
Exploits0References1Affected Software1
0day.today
0day.today
added 2013/05/26 12:0 a.m.15 views

Wordpress User Role Editor Plugin 3.12 - CSRF Vulnerability

Exploit for php platform in category web applications Exploit Title: WP User Role Editor CSRF Date: 19/5/13 Exploit Author: Henry Hoggard Author Website: http://henryhoggard.co.uk Vendor Homepage:https://wordpress.org/support/plugin/user-role-editor Software...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2013/05/26 12:0 a.m.24 views

WordPress Plugin User Role Editor 3.12 - Cross-Site Request Forgery

Exploit Title: WP User Role Editor CSRF Date: 19/5/13 Exploit Author: Henry Hoggard Author Website: http://henryhoggard.co.uk Vendor Homepage:https://wordpress.org/support/plugin/user-role-editor Software Link:https://wordpress.org/support/plugin/user-role-editor Version: =3.12 Tested on: Debian...

7.4AI score
Exploits0
OSV
OSV
added 2012/12/18 1:55 a.m.7 views

CVE-2012-5571

OpenStack Keystone Essex 2012.1 and Folsom 2012.2 does not properly handle EC2 tokens when the user role has been removed from a tenant, which allows remote authenticated users to bypass intended authorization restrictions by leveraging a token for the removed user role...

6.1AI score
Exploits0References14
seebug.org
seebug.org
added 2011/07/04 12:0 a.m.25 views

WordPress 3.1.3 SQL Injection Vulnerabilities

No description provided by source. SEC Consult Vulnerability Lab Security Advisory 20110701-0 ======================================================================= title: Multiple SQL Injection Vulnerabilities product: WordPress vulnerable version: 3.1.3/3.2-RC1 and probably earlier versions...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2010/10/06 12:0 a.m.38 views

Debian DSA-2115-1 : moodle - several vulnerabilities

Several remote vulnerabilities have been discovered in Moodle, a course management system. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2010-1613 Moodle does not enable the 'Regenerate session id during login' setting by default, which makes it easier...

7.5CVSS5.9AI score0.02478EPSS
Exploits0References23
RedHat Linux
RedHat Linux
added 2007/11/07 9:0 a.m.55 views

Moderate: Red Hat Security Advisory: pam security, bug fix, and enhancement update

Updated pam packages that fix two security flaws, resolve several bugs, and add enhancements are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Pluggable Authentication Modules PAM provide a system...

4.3CVSS6.5AI score0.02342EPSS
Exploits0References11
Packet Storm
Packet Storm
added 2007/10/23 12:0 a.m.32 views

oracle10g-sql.txt

// / Oracle 10g CTXDOC.MARKUP SQL Injection Exploit / // / sploit grant DBA to unprivileged user / // / BY Sh2kerR Digital Security / // / tested on oracle 10.1.0.2.0 / // // / Date of Public EXPLOIT: October 23, 2007 / / Written by: Alexandr "Sh2kerr" Polyakov / / email: [email protected]...

7.4AI score
Exploits0
Atlassian
Atlassian
added 2007/03/07 9:2 p.m.23 views

Project Role Modifications not reflected in Issue Security Scheme

If you modify users/groups in a project's project role and this project uses an issue security scheme, you must remove the role and re-add it to the issue security scheme for the role changes to take effect. Steps to Reproduce: 1. Need to be the admin of a project whose issue creation screen has...

0.8AI score
Exploits0Affected Software1
seebug.org
seebug.org
added 2007/01/24 12:0 a.m.17 views

Oracle 10g SYS.KUPV$FT.ATTACH_JOB PL/SQL Injection Exploit

No description provided by source. / Exploit for Oracle10g R1 and R2 prior to CPU Oct 2006 Joxean Koret [email protected] Privileges needed: - EXECUTECATALOGROLE - CREATE PROCEDURE / select from userroleprivs ; CREATE OR REPLACE FUNCTION F1 RETURN NUMBER AUTHID CURRENTUSER IS PRAGMA...

7.1AI score
Exploits0
Rows per page
Query Builder