Lucene search
K

67 matches found

CERT
CERT
added 2014/03/27 12:0 a.m.27 views

ManageEngine OpStor Build 8300 and earlier contain multiple vulnerabilities

Overview ManageEngine OpStor Build 8300 and earlier contain multiple vulnerabilities. Description CWE-472: External Control of Assumed-Immutable Web ParameterIt has been reported that the 'Properties.do?name=' module is vulnerable to an ‘unauthorized function call’ caused by server failing to...

6.5CVSS6.5AI score0.05579EPSS
Exploits1References3
0day.today
0day.today
added 2013/01/06 12:0 a.m.64 views

TomatoCart 1.x Unrestricted File Creation

TomatoCart 1.x versions are susceptible to an unrestricted file creation vulnerability. 1. OVERVIEW TomatoCart 1.x versions are vulnerable to Unrestricted File Creation. 2. BACKGROUND TomatoCart is an innovative Open Source shopping cart solution developed by Wuxi Elootec Technology Co., Ltd. It ...

7AI score
Exploits0
securityvulns
securityvulns
added 2013/01/02 12:0 a.m.70 views

CubeCart 5.0.7 and lower versions | Insecure Backup File Handling

OVERVIEW CubeCart 5.0.7 and lower versions are vulnerable to Insecure Backup File Handling which leads to the disclosure of the application configuration file. 2. BACKGROUND CubeCart is an "out of the box" ecommerce shopping cart software solution which has been written to run on servers that...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2012/12/28 12:0 a.m.25 views

CubeCart 5.0.7 Insecure Backup Handling

OVERVIEW CubeCart 5.0.7 and lower versions are vulnerable to Insecure Backup File Handling which leads to the disclosure of the application configuration file. 2. BACKGROUND CubeCart is an "out of the box" ecommerce shopping cart software solution which has been written to run on servers that...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2012/12/22 12:0 a.m.42 views

CubeCart 3.0.20 SQL Injection

OVERVIEW The CubeCart 3.0.20 and lower versions are vulnerable to SQL Injection. 2. BACKGROUND CubeCart is an "out of the box" ecommerce shopping cart software solution which has been written to run on servers that have PHP & MySQL support. With CubeCart you can quickly setup a powerful online...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2012/11/16 12:0 a.m.34 views

Open-Realty 2.5.8 Cross Site Request Forgery

OVERVIEW Open-Realty 2.5.8 and lower versions are vulnerable to Cross Site Request Forgery. 2. BACKGROUND Open-Realty is the world's leading real estate listing marketing and management CMS application, and has enjoyed being the real estate web site software of choice for professional web site...

0.6AI score
Exploits0
F5 Networks
F5 Networks
added 2012/11/02 12:0 a.m.55 views

SOL13993 - Cross-site URL redirection attack vulnerability CVE-2009-4017

Vulnerability Recommended Actions Upgrade FirePass to the latest hotfix. Acknowledgements F5 would like to acknowledge Aung Khant of YGN Ethical Hacker Group, Myanmar for bringing this issue to our attention, and for following the highest standards of responsible disclosure. Supplemental...

5CVSS0.6AI score0.12041EPSS
Exploits0References6
Packet Storm
Packet Storm
added 2012/10/21 12:0 a.m.30 views

F5 FirePass SSL VPN Open URL Redirection

OVERVIEW F5 FirePass SSL VPN is vulnerable to Open URL Redirection. 2. BACKGROUND F5 FirePass SSL VPN provides secure remote access to enterprise applications and data for users over any device or network while protecting your corporate. See http://www.f5.com/pdf/products/firepass-overview.pdf...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2012/10/15 12:0 a.m.31 views

SilverStripe 2.4.7 Cross Site Scripting

OVERVIEW SilverStripe 2.4.7 and lower versions are vulnerable to Persistent Cross Site Scripting. 2. BACKGROUND SilverStripe CMS is easy for both developers and content authors to work with. The SilverStripe Framework keeps the code tucked away neatly so that it can be accessed easily by...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2012/09/03 12:0 a.m.62 views

ocPoral CMS 8.x | Session Hijacking Vulnerability

OVERVIEW ocPoral CMS 8.x and lower versions are vulnerable to Session Hijacking flaw which could allow attackers to compromise administrator session. 2. PRODUCT DESCRIPTION ocPortal is the website Content Management System a CMS for building and maintaining a dynamic website. ocPortal's powerful...

6.9AI score
Exploits0
Packet Storm
Packet Storm
added 2012/05/20 12:0 a.m.19 views

Acuity CMS 2.6.x Directory Traversal

OVERVIEW Acuity CMS 2.6.x ASP-based versions are vulnerable to Path Traversal. 2. BACKGROUND Acuity CMS is a powerful but simple, extremely easy to use, low priced, easy to deploy content management system. It is a leader in its price and feature class. 3. VULNERABILITY DESCRIPTION The issue is...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2012/04/23 12:0 a.m.50 views

Joomla! Plugin - Beatz 1.x <= Multiple Cross Site Scripting Vulnerabilities

OVERVIEW Beatz 1.x versions are vulnerable to Cross Site Scripting. 2. BACKGROUND Beatz is a set of powerful Social Networking Script Joomla! 1.5 plugins that allows you to start your own favourite artist band website. Although it is just a Joomla! plugin, it comes with full Joolma! bundle for...

1AI score
Exploits0
securityvulns
securityvulns
added 2012/04/23 12:0 a.m.129 views

FastPath Webchat | Multiple Cross Site Scripting Vulnerabilities

OVERVIEW Fastpath WebChat is vulnerable to Cross Site Scripting. 2. BACKGROUND Fastpath WebChat is part of the Fastpath product. It provides a way for users to begin chatting with support agents using Fastpath. Fastpath is a plugin of OpenFire, a real time collaboration RTC server for instant...

Exploits0
securityvulns
securityvulns
added 2012/04/23 12:0 a.m.80 views

Acuity CMS 2.6.x <= Cross Site Scripting

OVERVIEW Acuity CMS 2.6.x ASP-based versions are vulnerable to Cross Site Scripting. 2. BACKGROUND Acuity CMS is a powerful but simple, extremely easy to use, low priced, easy to deploy content management system. It is a leader in its price and feature class. 3. VULNERABILITY DESCRIPTION...

1AI score
Exploits0
Packet Storm
Packet Storm
added 2012/04/17 12:0 a.m.30 views

Acuity CMS 2.6.x Cross Site Scripting

OVERVIEW Acuity CMS 2.6.x ASP-based versions are vulnerable to Cross Site Scripting. 2. BACKGROUND Acuity CMS is a powerful but simple, extremely easy to use, low priced, easy to deploy content management system. It is a leader in its price and feature class. 3. VULNERABILITY DESCRIPTION...

Exploits0
Packet Storm
Packet Storm
added 2012/04/16 12:0 a.m.33 views

Joomla Beatz 1.x Cross Site Scripting

OVERVIEW Beatz 1.x versions are vulnerable to Cross Site Scripting. 2. BACKGROUND Beatz is a set of powerful Social Networking Script Joomla! 1.5 plugins that allows you to start your own favourite artist band website. Although it is just a Joomla! plugin, it comes with full Joolma! bundle for...

Exploits0
securityvulns
securityvulns
added 2012/02/22 12:0 a.m.207 views

OxWall 1.1.1 <= Multiple Cross Site Scripting Vulnerabilities

OVERVIEW OxWall 1.1.1 and lower versions are vulnerable to Cross Site Scripting. 2. BACKGROUND Oxwall is a free open source software package for building social networks, family sites and collaboration systems. It is a flexible community website engine developed with the aim to provide people...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2012/02/22 12:0 a.m.37 views

CubeCart 3.0.20 (3.0.x) and lower | Open URL Redirection Vulnerability [Updated]

OVERVIEW The CubeCart 3.0.20 and lower versions are vulnerable to Open URL Redirection. 2. BACKGROUND CubeCart is an "out of the box" ecommerce shopping cart software solution which has been written to run on servers that have PHP & MySQL support. With CubeCart you can quickly setup a powerful...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2011/10/05 12:0 a.m.27 views

vTiger CRM 5.2.1 Blind SQL Injection

vTiger CRM 5.2.x = Blind SQL Injection Vulnerability 1. OVERVIEW The vTiger CRM 5.2.1 and lower versions are vulnerable to Blind SQL Injection. No fixed version has been released as of 2011-10-05. 2. BACKGROUND vtiger CRM is a free, full-featured, 100% Open Source CRM software ideal for small and...

0.5AI score
Exploits0
seebug.org
seebug.org
added 2011/09/30 12:0 a.m.33 views

Joomla! 1.7.0 | Multiple Cross Site Scripting (XSS) Vulnerabilities

No description provided by source. 1. OVERVIEW Joomla! 1.7.0 stable version is vulnerable to multiple Cross Site Scripting issues. 2. BACKGROUND Joomla is a free and open source content management system CMS for publishing content on the World Wide Web and intranets. It comprises a...

7.1AI score
Exploits0
Rows per page
Query Builder