CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

91 matches found

Packet Storm•added 2019/01/21 12:0 a.m.•85 views

Open-Xchange OX App Suite Cross Site Scripting / SSRF

Product: OX App Suite Vendor: OX Software GmbH Internal reference: 59653 Bug ID Vulnerability type: Cross-Site Scripting CWE-80 Vulnerable version: 7.10.0 Vulnerable component: frontend Report confidence: Confirmed Solution status: Fixed by Vendor Fixed version: 7.10.0-rev13 Vendor notification:...

5.5AI score0.00852EPSS

Exploits3

Prion•added 2016/12/15 6:59 a.m.•20 views

Open redirect

An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. Script code can be injected to contact names. When adding those contacts to a group, the script code gets executed in the context of the user which creates or changes the group by using autocomplete. In most cases this is a...

4.3CVSS7.1AI score0.00713EPSS

Exploits0References2Affected Software1

CVE•added 2016/12/15 6:31 a.m.•51 views

CVE-2016-6854

CVE-2016-6854 affects Open-Xchange OX Guard prior to 2.4.2-rev5. An injection flaw allows a script to run when verifying an inline PGP signature in a mail, enabling malicious code to execute in a user’s context and potentially hijack sessions or trigger actions via the web interface. Fixed in 2.4...

6.1CVSS6.2AI score0.02441EPSS

Exploits5References4Affected Software1

CNVD•added 2015/08/19 12:0 a.m.•3 views

Cisco Unified Web Interaction Manager Web Interface Security Restriction Bypass Vulnerability

Cisco Unified Web Interaction Manager is a WEB interaction manager. An input validation vulnerability in Cisco Unified Web Interaction Manager WEBjiekou could be exploited by a remote attacker to submit a special request to view, modify, or delete data stored on the target system...

6.5CVSS6.8AI score0.02456EPSS

Exploits0References1

Positive Technologies•added 2015/03/11 12:0 a.m.•2 views

PT-2016-61: Denial of Service in the web interface to TP-Link wireless devices control system

The specialists of the Positive Research center have detected a Denial of Service vulnerability in the web interface to TP-Link wireless devices control system. An attacker can cause a full denial of service of the server used for the web interface to wireless devices control system via the speci...

4.3CVSS7.3AI score

Exploits0References3

securityvulns•added 2014/05/04 12:0 a.m.•50 views

CUPS crossite scripting

Crossite scripting in Web interface...

4.3CVSS1.1AI score0.01626EPSS

Exploits0References1Affected Software1

securityvulns•added 2005/02/20 12:0 a.m.•28 views

Multiple Thomson TCW690 security vulnerabilities.

It's possible to access web interface without username and password. Denial of Service...

3.4AI score

Exploits0References2

securityvulns•added 2005/02/17 12:0 a.m.•28 views

Multiple HP/Compaq products Web interface buffer overflow

No description provided...

3.5AI score

Exploits0References1Affected Software2

securityvulns•added 2003/10/03 12:0 a.m.•21 views

[Full-Disclosure] exploiting fortigate firewall through webinterface

Issue: Several vulnerabilities in web interface of Fortigate firewall of which the most serious one will allow a remote attacker to obtain a username and password of the Fortigate. Release: pre 2.50 maintenance release 4 Fixed in: Fortinet OS 2.50 MR4, available from FTP as of 29 Sept. 2003 Date:...

0.7AI score

Exploits0

securityvulns•added 2003/04/24 12:0 a.m.•37 views

Cisco Secure ACS buffer overflow

Buffer overflow in TCP/2002 web interface port...

3.6AI score

Exploits0References2Affected Software1