Lucene search
K

197 matches found

Snyk
Snyk
added 2021/05/24 7:53 p.m.5 views

Malicious Package

Overview sap-authorize is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.4AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2021/03/15 1:37 p.m.6 views

pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab

It was found that the Key Recovery Authority KRA Agent Service did not properly sanitize recovery request search page, enabling a Reflected Cross Site Scripting XSS vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code...

6.1CVSS6.4AI score0.00919EPSS
Exploits0References4
Trend Micro Simply Security
Trend Micro Simply Security
added 2018/08/08 2:16 p.m.98 views

How to Restore Your Mac to Factory Settings

Restoring your Mac to the factory settings can help fix problems if nothing else has worked. You should also restore your Mac to the factory settings before giving away or selling it to get rid of all your personal files and information. Because following the instructions below will wipe out all ...

6.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2018/01/24 8:50 a.m.28 views

CVE-2018-1000015

On Jenkins instances with Authorize Project plugin, the authentication associated with a build may lack the Computer/Build permission on some agents. This did not prevent the execution of Pipeline node blocks on those agents due to incorrect permissions checks in Pipeline: Nodes and Processes...

4.9CVSS3.5AI score0.01031EPSS
Exploits0References2
OSV
OSV
added 2018/01/23 2:29 p.m.3 views

CVE-2018-1000015

On Jenkins instances with Authorize Project plugin, the authentication associated with a build may lack the Computer/Build permission on some agents. This did not prevent the execution of Pipeline node blocks on those agents due to incorrect permissions checks in Pipeline: Nodes and Processes...

4.8CVSS5.9AI score0.01031EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/01/23 2:0 p.m.30 views

CVE-2018-1000015

On Jenkins instances with Authorize Project plugin, the authentication associated with a build may lack the Computer/Build permission on some agents. This did not prevent the execution of Pipeline node blocks on those agents due to incorrect permissions checks in Pipeline: Nodes and Processes...

5.2AI score0.01031EPSS
Exploits0References1
CNVD
CNVD
added 2017/08/11 12:0 a.m.4 views

IdentityServer3 authorize response page cross-site scripting vulnerability

IdentityServer3 is a .NET-based access control plug-in for Web applications. A cross-site scripting vulnerability in the Angular expression of the IdentityServer3 authorize response page allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, which can be use...

6.1CVSS6.2AI score0.01042EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/08/08 1:0 a.m.27 views

CVE-2017-12677

IdentityServer3 2.4.x, 2.5.x, and 2.6.x before 2.6.1 has XSS in an Angular expression on the authorize response page, which might allow remote attackers to obtain sensitive information about the IdentityServer authorization response...

6AI score0.01042EPSS
Exploits0References1
CVE
CVE
added 2017/02/01 10:0 p.m.55 views

CVE-2016-0320

CVE-2016-0320 affects IBM UrbanCode Deploy. Description: an authenticated user could modify UCD objects via multiple REST endpoints that do not properly authorize edits, potentially altering behavior of legitimately triggered processes. Affected versions include UrbanCode Deploy 6.0 through 6.2.x...

4.3CVSS4.8AI score0.0059EPSS
Exploits0References2Affected Software1
0day.today
0day.today
added 2016/07/13 12:0 a.m.25 views

Linux/x86 - Reverse Shell using Xterm ///usr/bin/xterm -display 127.1.1.1:10 Shellcode (68 bytes)

/ Title : Linux , Reverse Shell using Xterm , ///usr/bin/xterm -display 127.1.1.1:10 Date : 12-07-2016 Author : RTV Tested On : Ubuntu x86 shellcode :...

0.2AI score
Exploits0
Cvelist
Cvelist
added 2015/08/26 7:0 p.m.19 views

CVE-2015-3158

The invokeNextValve function in identity/federation/bindings/tomcat/idp/AbstractIDPValve.java in PicketLink before 2.8.0.Beta1 does not properly check role based authorization, which allows remote authenticated users to gain access to restricted application resources via a 1 direct request or 2...

6.3AI score0.01913EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2010/12/01 12:0 a.m.33 views

ISC BIND 9.4-ESV < 9.4-ESV-R4 / 9.6.2 < 9.6.2-P3, 9.6-ESV < 9.6-ESV-R3 / 9.7.x < 9.7.2-P3 Multiple Vulnerabilities

Binary data 5718.prm...

6.4CVSS9AI score0.1692EPSS
Exploits0References10
exploitpack
exploitpack
added 2009/01/09 12:0 a.m.10 views

Fast FAQs System - Authentication Bypass

Fast FAQs System - Authentication Bypass -=Fast FAQs System=- Autore: x0r Email: [email protected] Cms Site: http://fastcreators.com/products/fastfaq/download.php Bug In \admin\authorize.php $query = "select from admin where userid='$POST'uname'' AND pass='$POST'pass''"; Exploit: ' or '1=1 Greetz:...

0.9AI score
Exploits0
Exploit DB
Exploit DB
added 2009/01/09 12:0 a.m.29 views

Fast FAQs System - Authentication Bypass

-=Fast FAQs System=- Autore: x0r Email: [email protected] Cms Site: http://fastcreators.com/products/fastfaq/download.php Bug In \admin\authorize.php $query = "select from admin where userid='$POST'uname'' AND pass='$POST'pass''"; Exploit: ' or '1=1 Greetz: Anna...Strabica...Emetta... Vi Amo.. -- w00t...

7.4AI score
Exploits0
NVD
NVD
added 2006/08/21 9:4 p.m.17 views

CVE-2006-4267

Multiple SQL injection vulnerabilities in CubeCart 3.0.11 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 oid parameter in modules/gateway/Protx/confirmed.php and the 2 xinvoicenum parameter in modules/gateway/Authorize/confirmed.php...

7.5CVSS8.4AI score0.03361EPSS
Exploits1References14
Cvelist
Cvelist
added 2006/08/21 9:0 p.m.22 views

CVE-2006-4267

Multiple SQL injection vulnerabilities in CubeCart 3.0.11 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 oid parameter in modules/gateway/Protx/confirmed.php and the 2 xinvoicenum parameter in modules/gateway/Authorize/confirmed.php...

8.4AI score0.03361EPSS
Exploits1References14
Drupal
Drupal
added 2005/10/30 12:0 a.m.9 views

Unintentionally logging credit card transactions

Solar Designer of the Openwall Project reported a security vulnerability in the contributed authorizenet module which is part of the ecommerce package. Credit card information was being stored in a system log file. The system should not be saving this information. Versions affected Please check t...

5.4AI score
Exploits0References5
Rows per page
Query Builder