Lucene search
K

31 matches found

RedhatCVE
RedhatCVE
added 2022/10/18 7:9 a.m.47 views

CVE-2022-38248

Nagios XI before v5.8.7 was discovered to contain multiple cross-site scripting XSS vulnerabilities at auditlog.php...

6.1CVSS1.7AI score0.01781EPSS
Exploits0References3
OSV
OSV
added 2022/09/07 10:15 p.m.29 views

UBUNTU-CVE-2022-38248

Nagios XI before v5.8.7 was discovered to contain multiple cross-site scripting XSS vulnerabilities at auditlog.php...

6.1CVSS6.3AI score0.01781EPSS
Exploits0References3
EUVD
EUVD
added 2022/09/07 9:14 p.m.4 views

EUVD-2022-40840

Nagios XI before v5.8.7 was discovered to contain multiple cross-site scripting XSS vulnerabilities at auditlog.php...

6.1CVSS6.2AI score0.01781EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/09/07 12:0 a.m.5 views

Nagios XI 跨站脚本漏洞

Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems and more. A security vulnerability exists in Nagios XI versions prior to v5.8.7, which stems from a discovery on...

6.1CVSS5.9AI score0.01781EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/04/05 4:0 p.m.21 views

CVE-2017-6340

Trend Micro InterScan Web Security Virtual Appliance IWSVA 6.5 before CP 1746 does not sanitize a rest/commonlog/report/template name field, which allows a 'Reports Only' user to inject malicious JavaScript while creating a new report. Additionally, IWSVA implements incorrect access control that...

5.9AI score0.02465EPSS
Exploits5References3
CVE
CVE
added 2017/04/05 4:0 p.m.67 views

CVE-2017-6340

CVE-2017-6340 affects Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 prior to CP 1746. The issue is an XSS vulnerability in rest/commonlog/report/template name due to improper sanitization, compounded by weak access controls that let authenticated remote users with low privilege...

5.4CVSS5.7AI score0.02465EPSS
Exploits5References3Affected Software1
Cvelist
Cvelist
added 2017/02/03 7:24 a.m.31 views

CVE-2017-3822

A vulnerability in the logging subsystem of the Cisco Firepower Threat Defense FTD Firepower Device Manager FDM could allow an unauthenticated, remote attacker to add arbitrary entries to the audit log. This vulnerability affects Cisco Firepower Threat Defense Software versions 6.1.x on the...

5.4AI score0.01479EPSS
Exploits0References3
myhack58
myhack58
added 2016/06/23 12:0 a.m.35 views

search-guard in Elasticsearch 2.3 use-vulnerability warning-the black bar safety net

Reference content: http://kibana.logstash.es/content/elasticsearch/auth/searchguard-2.html https://groups.google.com/forum/! forum/search-guard https://github.com/floragunncom/search-guard This article is based on the following software versions, different versions may have slightly differences:...

0.3AI score
Exploits0
Kitploit
Kitploit
added 2014/05/08 1:52 a.m.25 views

ModSecurity v2.8.0 - Open Source Web Application Firewall

ModSecurity ™is an open source, free web application firewall WAF Apache module. With over 70% of all attacks now carried out over the web application level, organizations need all the help they can get in making their systems secure. Changelog v2.8.0 Bug fix Build issue: Now using autotools to...

6.7AI score
Exploits0References24
Prion
Prion
added 2013/11/05 8:55 p.m.15 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Opsview before 4.4.1 allow remote attackers to inject arbitrary web script or HTML via the 1 id parameter to admin/auditlog/, 2 PATHINFO to info/host/ or 3 viewport/, 4 back parameter to login, or 5 "from" parameter to status/service/recheck...

4.3CVSS6.1AI score0.0096EPSS
Exploits2References2Affected Software1
NVD
NVD
added 2012/08/08 10:26 a.m.19 views

CVE-2012-0421

The SUSE Audit Log Keeper daemon before 0.2.1-0.4.6.1 for SUSE Manager and Spacewalk uses world-readable permissions for /etc/auditlog-keeper.conf, which allows local users to obtain passwords by reading this file...

2.1CVSS6.3AI score0.00321EPSS
Exploits0References2
Rows per page
Query Builder