Lucene search
K

2302 matches found

CNVD
CNVD
added 2016/08/24 12:0 a.m.6 views

IBM Connections Cross-Site Scripting Vulnerability (CNVD-2016-06647)

IBM Connections is a suite of social software platforms from IBM in the United States. The platform provides advanced analytics and real-time data monitoring capabilities, and accelerates web collaboration within and outside the organization through IBM SmartCloud services. A cross-site scripting...

5.4CVSS6.3AI score0.00802EPSS
Exploits0References1
CNVD
CNVD
added 2016/08/24 12:0 a.m.3 views

IBM Connections Cross-Site Scripting Vulnerability (CNVD-2016-06646)

IBM Connections is a suite of social software platforms from IBM in the United States. The platform provides advanced analytics and real-time data monitoring capabilities, and accelerates web collaboration within and outside the organization through IBM SmartCloud services. A cross-site scripting...

5.4CVSS6.3AI score0.00802EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2016/08/18 5:43 p.m.6 views

CloudForms: Lack of field filters on user input

It was found that the CloudForms web UI did not properly filter input in certain fields. A remote, authenticated attacker could use this flaw to execute arbitrary code on the system running CloudForms...

8.8CVSS6.1AI score0.02626EPSS
Exploits0References4
n0where
n0where
added 2016/08/09 4:0 p.m.30 views

Bluetooth Smart MITM Framework: BtleJuice

Bluetooth Smart MITM Framework BtleJuice is a complete framework to perform Man-in-the-Middle attacks on Bluetooth Smart devices also known as Bluetooth Low Energy. It is composed of: an interception core an interception proxy a dedicated web interface Python and Node.js bindings How to install...

7.3AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2016/07/07 12:0 a.m.5 views

The vulnerability of Google Chrome browser allows a violator to circumvent access restrictions.

The vulnerability of the content/browser/webui/contentwebuicontrollerfactory.cc file of Google Chrome is related to security configuration errors. Exploiting this vulnerability can allow an attacker, operating remotely, to circumvent access restrictions due to errors in processing requests to the...

5CVSS7.7AI score0.01489EPSS
Exploits0References4Affected Software1
CNVD
CNVD
added 2016/06/02 12:0 a.m.6 views

Fortinet FortiSandbox Cross-Site Scripting Vulnerability (CNVD-2016-03774)

Fortinet FortiSandbox is an APT Advanced Persistent Threat protection appliance from Fortinet. The appliance offers dual sandboxing technology, dynamic threat intelligence system, real-time control panel and reporting. A cross-site scripting vulnerability exists in the Web User Interface WebUI of...

6.1CVSS6.2AI score0.01535EPSS
Exploits1References1
NVD
NVD
added 2016/05/26 3:59 p.m.19 views

CVE-2015-7360

Multiple cross-site scripting XSS vulnerabilities in the Web User Interface WebUI in Fortinet FortiSandbox before 2.1 allow remote attackers to inject arbitrary web script or HTML via the 1 serial parameter to alerts/summary/profile/; the 2 urlForCreatingReport parameter to csearch/report/export/...

6.1CVSS6AI score0.01535EPSS
Exploits1References4
Prion
Prion
added 2016/05/26 3:59 p.m.13 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Web User Interface WebUI in Fortinet FortiSandbox before 2.1 allow remote attackers to inject arbitrary web script or HTML via the 1 serial parameter to alerts/summary/profile/; the 2 urlForCreatingReport parameter to csearch/report/export/...

4.3CVSS6AI score0.01535EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2016/05/26 3:0 p.m.49 views

CVE-2015-7360

FortiSandbox WebUI prior to version 2.1 is vulnerable to multiple cross-site scripting (XSS) flaws. The Flaws allow remote attackers to inject arbitrary script or HTML via: (1) the serial parameter in alerts/summary/profile/; (2) the urlForCreatingReport parameter in csearch/report/export/; (3) t...

6.1CVSS5.9AI score0.01535EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2016/05/26 3:0 p.m.26 views

CVE-2015-7360

Multiple cross-site scripting XSS vulnerabilities in the Web User Interface WebUI in Fortinet FortiSandbox before 2.1 allow remote attackers to inject arbitrary web script or HTML via the 1 serial parameter to alerts/summary/profile/; the 2 urlForCreatingReport parameter to csearch/report/export/...

6AI score0.01535EPSS
Exploits1References4
OSV
OSV
added 2016/04/14 2:59 p.m.7 views

CVE-2016-3079

Multiple cross-site scripting XSS vulnerabilities in the Web UI in Spacewalk and Red Hat Satellite 5.7 allow remote attackers to inject arbitrary web script or HTML via 1 the PATHINFO to systems/SystemEntitlements.do; 2 the label parameter to admin/multiorg/EntitlementDetails.do; or the name of a...

6.1CVSS6.1AI score0.01578EPSS
Exploits0References8
CNVD
CNVD
added 2016/04/12 12:0 a.m.12 views

Fortinet FortiOS Web User Interface Redirection Vulnerability

Fortinet FortiOS is a set of security operating system developed by the U.S. Fiat Fortinet company dedicated to FortiGate network security platform. The system provides users with firewall, antivirus, IPSec/SSL VPN, Web content filtering and anti-spam and other security features. A security...

6.1CVSS6.2AI score0.06869EPSS
Exploits0References1
OSV
OSV
added 2016/04/08 2:59 p.m.8 views

CVE-2016-3978

The Web User Interface WebUI in FortiOS 5.0.x before 5.0.13, 5.2.x before 5.2.3, and 5.4.x before 5.4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or cross-site scripting XSS attacks via the "redirect" parameter to "login."...

6.1CVSS5.8AI score0.06869EPSS
Exploits0References3
Prion
Prion
added 2016/04/08 2:59 p.m.16 views

Cross site scripting

The Web User Interface WebUI in FortiOS 5.0.x before 5.0.13, 5.2.x before 5.2.3, and 5.4.x before 5.4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or cross-site scripting XSS attacks via the "redirect" parameter to "login."...

4.3CVSS6.1AI score0.06869EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2016/04/08 2:0 p.m.79 views

CVE-2016-3978

FortiOS Web UI (Fortinet) is affected by CVE-2016-3978. Affects FortiOS WebUI in 5.0.x prior to 5.0.13, 5.2.x prior to 5.2.3, and 5.4.x prior to 5.4.0. The flaw allows remote attackers to redirect users to arbitrary sites via the redirect parameter to login, enabling phishing or cross-site script...

6.1CVSS6AI score0.06869EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2016/04/08 12:0 a.m.6 views

Citrix XenMobile Server Cross-Site Scripting Vulnerability

Citrix XenMobile is a Mobile Device and Application Management Solution A cross-site scripting vulnerability exists in the Web User Interface of Citrix XenMobile Server versions 10.0, 10.1 prior to Rolling Patch 4, and 10.3 prior to Rolling Patch 1, which can be exploited by remote attackers to...

6.1CVSS6.1AI score0.00796EPSS
Exploits0References1
NVD
NVD
added 2016/04/07 11:59 p.m.24 views

CVE-2016-2789

Cross-site scripting XSS vulnerability in the Web User Interface in Citrix XenMobile Server 10.0, 10.1 before Rolling Patch 4, and 10.3 before Rolling Patch 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS6AI score0.00796EPSS
Exploits0References2
OSV
OSV
added 2016/04/07 11:59 p.m.6 views

CVE-2016-2789

Cross-site scripting XSS vulnerability in the Web User Interface in Citrix XenMobile Server 10.0, 10.1 before Rolling Patch 4, and 10.3 before Rolling Patch 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS5.9AI score0.00796EPSS
Exploits0References2
Prion
Prion
added 2016/04/07 11:59 p.m.20 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Web User Interface in Citrix XenMobile Server 10.0, 10.1 before Rolling Patch 4, and 10.3 before Rolling Patch 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.1AI score0.00796EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2016/04/07 11:0 p.m.53 views

CVE-2016-2789

CVE-2016-2789 is a cross-site scripting (XSS) vulnerability in the Web User Interface of Citrix XenMobile Server 10.x. The issue affects XenMobile Server 10.0, 10.1 (before Rolling Patch 4), and 10.3 (before Rolling Patch 1). An attacker could inject arbitrary web script or HTML via unspecified v...

6.1CVSS5.9AI score0.00796EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder