Lucene search
+L

16 matches found

ibm
ibm
added 2021/08/31 9:19 p.m.88 views

Security Bulletin: Security vulnerabilities have been fixed in IBM Security Identity Manager Virtual Appliance

Summary IBM Security Identity Manager Virtual Appliance ISIM VA has addressed the following vulnerabilities Vulnerability Details CVEID: CVE-2021-29682 DESCRIPTION: IBM Security Identity Manager could allow a remote attacker to obtain sensitive information when a detailed technical error message ...

9.9CVSS0.7AI score0.99019EPSS
Exploits14Affected Software1
openvas
openvas
added 2016/09/07 12:0 a.m.25 views

IBM WebSphere Portal Multiple XSS Vulnerabilities

IBM WebSphere Portal is prone to multiple cross-site scripting vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

6.1CVSS6.6AI score0.01433EPSS
Exploits0References1
seebug
seebug
added 2014/07/01 12:0 a.m.10 views

Atom PhotoBlog 1.0.1/1.0.9AtomPhotoBlog.PHP Multiple Input Validation Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/24363/info Atom PhotoBlog is prone to multiple input-validation vulnerabilities because it fails to adequately sanitize user-supplied input data before rendering it in a user's browser. These issues include multiple...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.21 views

AspDotNetStorefront 3.3 ReturnURL Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10507/info AspDotNetStorefront is prone to a cross-site scripting vulnerability. This issue exists due to insufficient sanitization of user-supplied data. The problem presents itself in the 'returnurl' parameter of the...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.13 views

Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 Labels.asp Term Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/27924/info Aeries Student Information System is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and an HTML-injection issue, because it fails to sufficiently sanitize...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2013/03/25 12:0 a.m.13 views

Atmail WebMail - INBOX.Trash?mailId Reflected Cross-Site Scripting

Atmail WebMail - INBOX.Trash?mailId Reflected Cross-Site Scripting source: https://www.securityfocus.com/bid/65408/info Atmail is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...

6.8AI score
Exploits0
openvas
openvas
added 2011/11/15 12:0 a.m.34 views

Cacti Unspecified SQL Injection and Cross Site Scripting Vulnerabilities

Cacti is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user- supplied data. Exploiting these issues could allow an attacker to steal cookie- based authentication credentials, compromise the application, access or modify...

7.5CVSS0.8AI score0.0322EPSS
Exploits2References3
openvas
openvas
added 2011/01/19 12:0 a.m.24 views

Joostina 'index.php' Cross Site Scripting Vulnerability

Joostina is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

6.6AI score
Exploits0References2
exploitdb
exploitdb
added 2009/08/10 12:0 a.m.27 views

ViArt CMS - 'forum.php?forum_id' Cross-Site Scripting

source: https://www.securityfocus.com/bid/36003/info ViArt CMS is prone to multiple cross site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially...

7AI score
Exploits0
exploitdb
exploitdb
added 2009/08/10 12:0 a.m.66 views

ViArt Helpdesk - 'product_details.php?category_id' Cross-Site Scripting

source: https://www.securityfocus.com/bid/42543/info ViArt Helpdesk is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in...

7AI score
Exploits0
exploitpack
exploitpack
added 2009/01/15 12:0 a.m.13 views

Active Bids - search SQL Injection

Active Bids - search SQL Injection source: https://www.securityfocus.com/bid/33306/info Active Auction House and Active Auction Pro are prone to SQL-injection and cross-site scripting vulnerabilities because they fail to sufficiently sanitize user-supplied data. Exploiting these issues could allo...

8.7AI score
Exploits0
exploitpack
exploitpack
added 2008/03/03 12:0 a.m.13 views

TorrentTrader 1.08 - msg HTML Injection

TorrentTrader 1.08 - msg HTML Injection source: https://www.securityfocus.com/bid/28082/info TorrentTrader is prone to an HTML-injection vulnerability because it fails to adequately sanitize user-supplied input. Attacker-supplied HTML or JavaScript code could run in the context of the affected...

7.6AI score
Exploits0
exploitdb
exploitdb
added 2008/01/03 12:0 a.m.29 views

PRO-Search 0.17 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/27126/info PRO-Search is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2007/06/22 12:0 a.m.39 views

eNdonesia 8.4 - 'mod.php?viewarticle Action artid' SQL Injection

source: https://www.securityfocus.com/bid/24590/info eNdonesia is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2006/11/20 12:0 a.m.25 views

vSpin Classified System 2004 - 'search.asp?minprice' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21190/info vSpin Classified System is prone to multiple input-validation vulnerabilities, including SQL-injection and cross-site scripting issues, because the application fails to sufficiently sanitize user-supplied data. Exploiting these issues could all...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2006/05/02 12:0 a.m.12 views

GeoBlog MOD_1.0 - viewcat.php Cross-Site Scripting

GeoBlog MOD1.0 - viewcat.php Cross-Site Scripting source: https://www.securityfocus.com/bid/17784/info GeoBlog is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...

6.8AI score
Exploits0
Rows per page
Query Builder