97 matches found
CVE-2009-0364
Removed by vendor...
[SECURITY] [DSA 1752-1] New webcit packages fix potential remote code execution
Debian Security Advisory DSA-1752-1 [email protected] http://www.debian.org/security/ Florian Weimer March 23, 2009 http://www.debian.org/security/faq -...
Debian DSA-1752-1 : webcit - format string vulnerability
Wilfried Goesgens discovered that WebCit, the web-based user interface for the Citadel groupware system, contains a format string vulnerability in the minicalendar component, possibly allowing arbitrary code execution (CVE-2009-0364). ...
[SECURITY] [DSA 1752-1] New webcit packages fix potential remote code execution
Debian Security Advisory DSA-1752-1 [email protected] http://www.debian.org/security/ Florian Weimer March 23, 2009 http://www.debian.org/security/faq -...
DSA-1752-1 webcit - potential remote code execution
Bulletin has no description...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in Webcit before 7.11 allow remote attackers to inject arbitrary web script or HTML via (1) the who parameter to showuser; and other vectors involving (2) calendar mode, (3) bulletin board mode, (4) room names, and (5) uploaded file names...
Cross site request forgery (csrf)
Cross-site request forgery (CSRF) vulnerability in Webcit before 7.11 allows remote attackers to modify configurations and perform other actions as arbitrary users via unspecified vectors...
CVE-2007-3821
Cross-site request forgery (CSRF) vulnerability in Webcit before 7.11 allows remote attackers to modify configurations and perform other actions as arbitrary users via unspecified vectors...
CVE-2007-3822
Multiple cross-site scripting (XSS) vulnerabilities in Webcit before 7.11 allow remote attackers to inject arbitrary web script or HTML via (1) the who parameter to showuser; and other vectors involving (2) calendar mode, (3) bulletin board mode, (4) room names, and (5) uploaded file names...
CVE-2007-3821
Cross-site request forgery (CSRF) vulnerability in Webcit before 7.11 allows remote attackers to modify configurations and perform other actions as arbitrary users via unspecified vectors...
CVE-2007-3822
Multiple cross-site scripting (XSS) vulnerabilities in Webcit before 7.11 allow remote attackers to inject arbitrary web script or HTML via (1) the who parameter to showuser; and other vectors involving (2) calendar mode, (3) bulletin board mode, (4) room names, and (5) uploaded file names...
CVE-2007-3822
CVE-2007-3822 affects Webcit before 7.11 with multiple cross-site scripting (XSS) vulnerabilities. An attacker can inject arbitrary script/HTML via (1) the who parameter to showuser and other vectors such as calendar mode, bulletin board mode, room names, and uploaded file names. The provided doc...
CVE-2007-3821
CVE-2007-3821 describes a cross-site request forgery (CSRF) vulnerability in Webcit prior to 7.11. The issue allows remote attackers to modify configurations and perform actions as arbitrary users via unspecified vectors. The affected product is Webcit; the root cause is CSRF that enables unautho...
webcit-multi.txt
Vendor contacted: 2007-06-24 Affects: Webcit 7.11 Fixed: 2007-07-06 WebCit 7.11 1. Background WebCit is the webfrontend to administer and use Citadel, which is an open-source groupware server. 2. Session Riding 2.I. Problem Description It is possible for an attacker to execute actions in the name...
Session Riding and multiple XSS in WebCit
Vendor contacted: 2007-06-24 Affects: Webcit 7.11 Fixed: 2007-07-06 WebCit 7.11 1. Background WebCit is the webfrontend to administer and use Citadel, which is an open-source groupware server. 2. Session Riding 2.I. Problem Description It is possible for an attacker to execute actions in the name...
Citadel WebCit 7.02/7.10 - 'showuser?who' Cross-Site Scripting
Citadel WebCit 7.02/7.10 - 'showuser?who' Cross-Site Scripting source: https://www.securityfocus.com/bid/24913/info Citadel WebCit is prone to multiple input-validation vulnerabilities, including multiple HTML-injection issues and a cross-site scripting issue, because it fails to sufficiently saniti...
Citadel WebCit 7.02/7.10 - 'showuser?who' Cross-Site Scripting
source: https://www.securityfocus.com/bid/24913/info Citadel WebCit is prone to multiple input-validation vulnerabilities, including multiple HTML-injection issues and a cross-site scripting issue, because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues may all...