Lucene search
K

100 matches found

Cvelist
Cvelist
added 2019/08/07 4:43 p.m.13 views

CVE-2019-14537

YOURLS through 1.7.3 is affected by a type juggling vulnerability in the api component that can result in login bypass...

9.4AI score0.06145EPSS
Exploits2References5
CVE
CVE
added 2019/08/07 4:43 p.m.93 views

CVE-2019-14537

YOURLS (up to version 1.7.3) API exposes a type juggling vulnerability that can lead to authentication/login bypass. The issue is documented as CVE-2019-14537 with a fix in YOURLS 1.7.4 (patches and related PRs are available in the YOURLS repository). An advisory exists describing the impact and ...

9.8CVSS9.3AI score0.06145EPSS
Exploits2References5Affected Software1
GithubExploit
GithubExploit
added 2019/08/07 11:25 a.m.87 views

Exploit for Type Confusion in Yourls

YOURLS: CVE-2019-14537 PoC !alt texthttps://raw.githubuser...

9.8CVSS9.6AI score0.06145EPSS
Exploits2
OpenVAS
OpenVAS
added 2015/07/07 12:0 a.m.23 views

Fedora Update for yourls FEDORA-2015-5965

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS6.6AI score0.01862EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2015/04/30 12:0 a.m.26 views

Fedora 21 : yourls-1.7-3.20150410gitabc7d6c.fc21 (2015-6002)

Update to the latest master from git Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 703...

4.3CVSS5.4AI score0.01862EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2015/04/30 12:0 a.m.26 views

Fedora 22 : yourls-1.7-3.20150410gitabc7d6c.fc22 (2015-5965)

Update to the latest master from git Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 703...

4.3CVSS5.4AI score0.01862EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2015/04/30 12:0 a.m.20 views

Fedora 20 : yourls-1.7-3.20150410gitabc7d6c.fc20 (2015-5972)

Update to the latest master from git Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 703...

4.3CVSS5.4AI score0.01862EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2015/04/30 12:0 a.m.21 views

Fedora Update for yourls FEDORA-2015-6002

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS6.6AI score0.01862EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2015/04/30 12:0 a.m.21 views

Fedora Update for yourls FEDORA-2015-5972

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS6.6AI score0.01862EPSS
Exploits1References2
Fedora
Fedora
added 2015/04/29 1:7 p.m.37 views

[SECURITY] Fedora 22 Update: yourls-1.7-3.20150410gitabc7d6c.fc22

YOURLS is a small set of PHP scripts that will allow you to run your own URL shortening service a la TinyURL. You can make it private or public, you can pick custom keyword URLs, it comes with its own API...

4.3CVSS6.4AI score0.01862EPSS
Exploits1
Fedora
Fedora
added 2015/04/29 1:2 p.m.42 views

[SECURITY] Fedora 21 Update: yourls-1.7-3.20150410gitabc7d6c.fc21

YOURLS is a small set of PHP scripts that will allow you to run your own URL shortening service a la TinyURL. You can make it private or public, you can pick custom keyword URLs, it comes with its own API...

4.3CVSS6.4AI score0.01862EPSS
Exploits1
Fedora
Fedora
added 2015/04/29 12:57 p.m.32 views

[SECURITY] Fedora 20 Update: yourls-1.7-3.20150410gitabc7d6c.fc20

YOURLS is a small set of PHP scripts that will allow you to run your own URL shortening service a la TinyURL. You can make it private or public, you can pick custom keyword URLs, it comes with its own API...

4.3CVSS6.4AI score0.01862EPSS
Exploits1
NVD
NVD
added 2014/12/10 1:59 a.m.21 views

CVE-2014-8488

Cross-site scripting XSS vulnerability in the administrator panel in Yourls 1.7 allows remote attackers to inject arbitrary web script or HTML via a URL that is processed by the Shorten functionality...

4.3CVSS5.4AI score0.01862EPSS
Exploits1References4
Prion
Prion
added 2014/12/10 1:59 a.m.18 views

Cross site scripting

Cross-site scripting XSS vulnerability in the administrator panel in Yourls 1.7 allows remote attackers to inject arbitrary web script or HTML via a URL that is processed by the Shorten functionality...

4.3CVSS5.9AI score0.01862EPSS
Exploits1References4Affected Software2
Cvelist
Cvelist
added 2014/12/10 1:0 a.m.29 views

CVE-2014-8488

Cross-site scripting XSS vulnerability in the administrator panel in Yourls 1.7 allows remote attackers to inject arbitrary web script or HTML via a URL that is processed by the Shorten functionality...

5.4AI score0.01862EPSS
Exploits1References4
CVE
CVE
added 2014/12/10 1:0 a.m.58 views

CVE-2014-8488

The CVE-2014-8488 entry is corroborated by connected advisories showing Fedora updates for yourls 1.7 (e.g., FEDORA-2015-5965/5972) addressing an XSS in the administrator panel via the Shorten functionality. Affected product: YOURLS (PHP-based URL shortening) software package 1.7; vulnerability t...

4.3CVSS5.5AI score0.01862EPSS
Exploits1References4Affected Software1
Packet Storm
Packet Storm
added 2014/10/25 12:0 a.m.29 views

Yourls 1.7 Cross Site Scripting

Hello, I found a xss stored vulnerability in Yourls 1.7 script latest version. The attacker can steal the admin's cookies and login in the admin panel. Note: Only the admin can see this. Steps to perform the vulnerability: 1. Create a new url to shorten -- In the inputs you need write this payloa...

7.4AI score
Exploits0
Prion
Prion
added 2011/09/24 12:55 a.m.17 views

Information disclosure

Your Own URL Shortener YOURLS 1.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/auth.php and certain other files...

5CVSS6.7AI score0.01229EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2011/09/24 12:0 a.m.23 views

CVE-2011-3824

Your Own URL Shortener YOURLS 1.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/auth.php and certain other files...

6.1AI score0.01229EPSS
Exploits0References3
CVE
CVE
added 2011/09/24 12:0 a.m.47 views

CVE-2011-3824

The CVE-2011-3824 issue affects Your Own URL Shortener (YOURLS) 1.5, where a direct request to a PHP file can disclose installation path information via an error message (e.g., includes/auth.php and similar files). Root cause: error disclosure leaking path details through PHP error handling. Impa...

5CVSS6.3AI score0.01229EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder