Lucene search
+L

11 matches found

Schneier on Security
Schneier on Security
added 2026/06/14 4:7 p.m.26 views

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I’m giving a keynote at Cybernation 2026 in Berlin, Germany, on June 24, 2026. I’m speaking at the Potsdam Conference on National Cybersecurity at the Hasso Plattner Institut in Potsdam, Germany. The event runs June 24–25, 2026, an...

5.3AI score
Exploits0
OSV
OSV
added 2024/11/13 5:24 p.m.8 views

GHSA-J4H6-GCJ7-7V9V decidim-meetings Cross-site scripting vulnerability in the online or hybrid meeting embeds

Impact The meeting embeds feature used in the online or hybrid meetings is subject to potential XSS attack through a malformed URL. Patches Not available Workarounds Disable the creation of meetings by participants in the meeting component. References OWASP ASVS v4.0.3-5.1.3 Credits This issue wa...

7.7CVSS7.2AI score0.00243EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2024/11/13 5:24 p.m.21 views

decidim-meetings Cross-site scripting vulnerability in the online or hybrid meeting embeds

Impact The meeting embeds feature used in the online or hybrid meetings is subject to potential XSS attack through a malformed URL. Patches Not available Workarounds Disable the creation of meetings by participants in the meeting component. References OWASP ASVS v4.0.3-5.1.3 Credits This issue wa...

7.7CVSS6AI score0.00243EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2024/07/10 3:43 p.m.43 views

GHSA-7CX8-44PC-XV3Q Decidim cross-site scripting (XSS) in the pagination

Impact The pagination feature used in searches and filters is subject to potential XSS attack through a malformed URL using the GET parameter perpage. Patches Not available Workarounds Not available References OWASP ASVS v4.0.3-5.1.3 Credits This issue was discovered in a security audit organized...

7.1CVSS6.6AI score0.00417EPSS
Exploits0References6
Exploit DB
Exploit DB
added 2022/05/11 12:0 a.m.263 views

Joomla Plugin SexyPolling 2.1.7 - SQLi

Exploit Title: Joomla Plugin SexyPolling 2.1.7 - SQLi Google Dork: intext:"Powered by Sexy Polling" Date: 2022-02-08 Exploit Author: Wolfgang Hotwagner Vendor Homepage: https://2glux.com/projects/sexypolling Software Link: https://2glux.com/downloads/files/free/sexypollingpack2.1.72glux.com.zip...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/12 12:0 a.m.321 views

QCubed 3.1.1 Cross Site Scripting

QCube Cross-Site-Scripting ====================== | Identifier: | AIT-SA-20210215-03 | | Target: | QCubed Framework | | Vendor: | QCubed | | Version: | all versions including 3.1.1 | | CVE: | CVE-2020-24912 | | Accessibility: | Remote | | Severity: | High | | Author: | Wolfgang Hotwagner AIT...

7.5CVSS8AI score0.40621EPSS
Exploits6
Packet Storm
Packet Storm
added 2021/03/12 12:0 a.m.331 views

QCubed 3.1.1 PHP Object Injection

QCubed PHP Object Injection =========================== | Identifier: | AIT-SA-20210215-01 | | Target: | QCubed Framework | | Vendor: | QCubed | | Version: | all versions including 3.1.1 | | CVE: | CVE-2020-24914 | | Accessibility: | Remote | | Severity: | Critical | | Author: | Wolfgang Hotwagne...

7.5CVSS9.6AI score0.0545EPSS
Exploits3
Packet Storm
Packet Storm
added 2021/03/12 12:0 a.m.281 views

ForkCMS PHP Object Injection

ForkCMS PHP Object Injection ========================= | Identifier: | AIT-SA-20210215-04 | | Target: | ForkCMS | | Vendor: | ForkCMS | | Version: | all versions below version 5.8.3 | | CVE: | CVE-2020-24036 | | Accessibility: | Remote | | Severity: | Medium | | Author: | Wolfgang Hotwagner AIT...

6.5CVSS0.02935EPSS
Exploits3
Packet Storm
Packet Storm
added 2019/12/06 12:0 a.m.203 views

OkayCMS 2.3.4 Remote Code Execution

Unauthenticated remote code execution in OkayCMS Overview Identifier: AIT-SA-20191129-01 Target: OkayCMS Vendor: OkayCMS Version: all versions including 2.3.4 CVE: CVE-2019-16885 Accessibility: Local Severity: Critical Author: Wolfgang Hotwagner AIT Austrian Institute of Technology Summary OkayCM...

0.2AI score0.046EPSS
Exploits3
0day.today
0day.today
added 2019/11/16 12:0 a.m.284 views

FreeRadius 3.0.19 Logrotate Privilege Escalation Vulnerability

Privilege Escalation via Logrotate in FreeRadius Overview Identifier: AIT-SA-20191112-01 Target: FreeRadius Vendor: FreeRadius Version: all versions including 3.0.19 Fixed in Version: 12.2.3, 12.1.8 and 12.0.8 CVE: https://nvd.nist.gov/vuln/detail/CVE-2019-10143 Author: Wolfgang Hotwagner AIT...

7CVSS1.4AI score0.00345EPSS
Exploits3
Packet Storm
Packet Storm
added 2019/11/15 12:0 a.m.295 views

FreeRadius 3.0.19 Logrotate Privilege Escalation

Privilege Escalation via Logrotate in FreeRadius Overview Identifier: AIT-SA-20191112-01 Target: FreeRadius Vendor: FreeRadius Version: all versions including 3.0.19 Fixed in Version: 12.2.3, 12.1.8 and 12.0.8 CVE: https://nvd.nist.gov/vuln/detail/CVE-2019-10143 Accessibility: Local Severity: Low...

6.9CVSS1.1AI score0.00345EPSS
Exploits3
Rows per page
Query Builder