
7 matches found

OSV
added 2025/10/22 4:34 p.m., 4 views

DRUPAL-CONTRIB-2025-112

CivicTheme is a design system and theme framework used to build content-rich Drupal websites. It includes editorial workflows, structured content types, and flexible theming components. The theme doesn't sufficiently check access to entities when they are displayed as reference cards used in manu...

7.5 CVSS, 6 AI score, 0.0028 EPSS
Exploits 0, References 1
Hacker One
added 2019/08/15 12:14 a.m., 19 views

GitLab: Stealing data from customers.gitlab.com without user interaction

Summary An attacker can link her own customers.gitlab.com account to the one of the victim, and these give access to 3 different vulnerabilities: - destroying subscriptions of the victim - buying new subscriptions using victim credit card for its own groups - some minor information disclosure abo...

0.6 AI score
Exploits 0
Kitploit
added 2017/09/01 9:0 p.m., 20 views

Tulpar - Web Vulnerability Scanner

Tulpar is an open source web vulnerability scanner written to make web penetration testing automated. Features: Sql Injection (GET Method), XSS (GET Method), Crawl, E-mail Disclosure, Credit Card Disclosure, Whois, Command Injection (GET Method), Directory Traversal (GET Method), File Include (GET Method), Server...

6.9 AI score
Exploits 0, References 1
Hacker One
added 2014/02/25 7:8 a.m., 31 views

Internet Bug Bounty: Widespread failure of certificate validation in Android apps

I have identified approximately 75 Android applications and some iPad that fail to validate SSL certificates, either failing to validate valid certificate authorities, correct hostnames or both. I have made attempts to responsibly disclose all of these vulns to the responsible parties. A few have...

7 AI score
Exploits 0
NVD
added 2007/05/13 11:19 p.m., 12 views

CVE-2007-2640

LibTMCG before 1.1.1 does not perform a range check to avoid "trivial group generators," which allows attackers to obtain sensitive information about private cards...

7.8 CVSS, 6 AI score, 0.01362 EPSS
Exploits 0, References 6
OpenVAS
added 2005/11/03 12:0 a.m., 32 views

Credit Card Data Disclosure in CitrusDB

CitrusDB uses a textfile to temporarily store credit card information. This textfile is located in the web tree via a static URL and thus accessible to third parties. It also isn... (SPDX-FileCopyrightText: 2005 Noam Rathaus)

5 CVSS, 6.6 AI score, 0.07652 EPSS
Exploits 1, References 1
securityvulns
added 2005/02/14 12:0 a.m., 40 views

[Full-Disclosure] Credit Card data disclosure in CitrusDB

Credit Card data disclosure in CitrusDB A group of students at our lab called RedTeam found an information disclosure vulnerability in CitrusDB which can result in disclosure of credit card information. Details ======= Product: CitrusDB Affected Version: = 0.3.5 Immune Version: =0.3.6 OS affected...

5 CVSS, 0.1 AI score, 0.07652 EPSS
Exploits 1