Lucene search
K

3802 matches found

Debian CVE
Debian CVE
added 2017/03/06 2:0 a.m.29 views

CVE-2017-6504

WebUI in qBittorrent before 3.3.11 did not set the X-Frame-Options header, which could potentially lead to clickjacking...

6.1CVSS6.1AI score0.00673EPSS
Exploits0
CVE
CVE
added 2017/03/06 2:0 a.m.69 views

CVE-2017-6504

CVE-2017-6504 affects the qBittorrent WebUI prior to 3.3.11, where the application did not set the X-Frame-Options header, potentially enabling clickjacking. Public details in the provided documents confirm the vulnerable component (WebUI), the condition (before 3.3.11), and the impact (clickjack...

6.1CVSS5.9AI score0.00673EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2017/02/21 12:0 a.m.3 views

IBM WebSphere Message Broker Clickjacking Vulnerability

IBM WebSphere Message Broker now known as IBM Integration Bus is an enterprise service bus ESB product from IBM, USA. The product provides connectivity and common data transformations for Service Oriented Architecture SOA environments and non-SOA environments. A clickjacking vulnerability exists ...

6.1CVSS6.7AI score0.00765EPSS
Exploits0References1
Hacker One
Hacker One
added 2017/02/07 1:33 p.m.20 views

Brave Software: Clickjacking or URL Masking

I am able to reproduce the bug in : Brave: 0.13.2 rev: 25b1199fb6154b089cbad37926483239495b9800 Muon: 2.0.19 libchromiumcontent: 54.0.2840.100 V8: 5.4.500.41 Node.js: 7.0.0 Update Channel: dev os.platform: win32 os.release: 6.1.7601 os.arch: x64 Steps to reproduce : 1. Open click.html 2. Then try...

0.4AI score
Exploits0
Hacker One
Hacker One
added 2017/02/02 8:4 a.m.24 views

WebSummit: found a vulnerability in your website

the vulnerability in your website is something called clickjacking or x-frame options header not set . when X-frame options header is not included in the HTTP the attacker can attack your website by clickjacking. so what is x-frame options? The X-Frame-Options HTTP response header can be used to...

0.2AI score
Exploits0
NVD
NVD
added 2017/02/01 10:59 p.m.24 views

CVE-2016-9000

IBM InfoSphere DataStage is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. A remote attacker could exploit this vulnerability using a specially-crafted URL to navigate to a web page the attacker controls. An attacker could use this vulnerability to conduct...

6.1CVSS6.1AI score0.01146EPSS
Exploits0References3
OSV
OSV
added 2017/02/01 10:59 p.m.4 views

CVE-2016-9000

IBM InfoSphere DataStage is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. A remote attacker could exploit this vulnerability using a specially-crafted URL to navigate to a web page the attacker controls. An attacker could use this vulnerability to conduct...

6.1CVSS5.8AI score
Exploits0References3
Prion
Prion
added 2017/02/01 10:59 p.m.23 views

Cross site scripting

IBM InfoSphere DataStage is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. A remote attacker could exploit this vulnerability using a specially-crafted URL to navigate to a web page the attacker controls. An attacker could use this vulnerability to conduct...

4.3CVSS6.7AI score0.01146EPSS
Exploits0References3Affected Software2
CVE
CVE
added 2017/02/01 10:0 p.m.57 views

CVE-2016-9000

IBM InfoSphere DataStage is affected by CVE-2016-9000, a Cross‑Frame Scripting issue caused by insufficient HTML iframe protection. A remote attacker could entice a user to visit a crafted URL to load a page under the attacker’s control, enabling clickjacking or other client‑side browser attacks....

6.1CVSS6AI score0.01146EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2017/02/01 10:0 p.m.21 views

CVE-2016-9000

IBM InfoSphere DataStage is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. A remote attacker could exploit this vulnerability using a specially-crafted URL to navigate to a web page the attacker controls. An attacker could use this vulnerability to conduct...

6.1AI score0.01146EPSS
Exploits0References3
NVD
NVD
added 2017/02/01 8:59 p.m.20 views

CVE-2016-5984

IBM InfoSphere Information Server is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. A remote attacker could exploit this vulnerability using a specially-crafted URL to navigate to a web page the attacker controls. An attacker could use this vulnerability to...

6.1CVSS6.1AI score0.0085EPSS
Exploits0References2
OSV
OSV
added 2017/02/01 8:59 p.m.2 views

CVE-2016-5984

IBM InfoSphere Information Server is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. A remote attacker could exploit this vulnerability using a specially-crafted URL to navigate to a web page the attacker controls. An attacker could use this vulnerability to...

6.1CVSS5.8AI score0.0085EPSS
Exploits0References2
Prion
Prion
added 2017/02/01 8:59 p.m.19 views

Cross site scripting

IBM InfoSphere Information Server is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. A remote attacker could exploit this vulnerability using a specially-crafted URL to navigate to a web page the attacker controls. An attacker could use this vulnerability to...

4.3CVSS6.7AI score0.0085EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2017/02/01 8:0 p.m.44 views

CVE-2016-5984

CVE-2016-5984 affects IBM InfoSphere Information Server and ISF/InfoSphere on Cloud. The vulnerability is a cross-frame scripting issue due to insufficient HTML iframe protection, enabling a remote attacker to use a crafted URL to perform clickjacking or similar client-side browser attacks. Affec...

6.1CVSS6AI score0.0085EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2017/02/01 8:0 p.m.22 views

CVE-2016-5984

IBM InfoSphere Information Server is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. A remote attacker could exploit this vulnerability using a specially-crafted URL to navigate to a web page the attacker controls. An attacker could use this vulnerability to...

6.1AI score0.0085EPSS
Exploits0References2
NVD
NVD
added 2017/01/31 10:59 p.m.16 views

CVE-2016-9413

The Admin control panel in MyBB aka MyBulletinBoard before 1.8.7 and MyBB Merge System before 1.8.7 allows remote attackers to conduct clickjacking attacks via unspecified vectors...

6.5CVSS6.5AI score0.01651EPSS
Exploits0References4
OSV
OSV
added 2017/01/31 10:59 p.m.4 views

CVE-2016-9413

The Admin control panel in MyBB aka MyBulletinBoard before 1.8.7 and MyBB Merge System before 1.8.7 allows remote attackers to conduct clickjacking attacks via unspecified vectors...

6.5CVSS5.8AI score0.01651EPSS
Exploits0References4
Prion
Prion
added 2017/01/31 10:59 p.m.14 views

Code injection

The Admin control panel in MyBB aka MyBulletinBoard before 1.8.7 and MyBB Merge System before 1.8.7 allows remote attackers to conduct clickjacking attacks via unspecified vectors...

4.3CVSS7.2AI score0.01651EPSS
Exploits0References4Affected Software2
CVE
CVE
added 2017/01/31 10:0 p.m.41 views

CVE-2016-9413

The CVE-2016-9413 entry affects MyBB Admin control panel and MyBB Merge System prior to 1.8.7. The underlying issue is clickjacking via unspecified vectors, enabling remote attackers to perform clickjacking against affected admin interfaces. The vulnerable components are the Admin control panel a...

6.5CVSS7AI score0.01651EPSS
Exploits0References4Affected Software2
Cvelist
Cvelist
added 2017/01/31 10:0 p.m.17 views

CVE-2016-9413

The Admin control panel in MyBB aka MyBulletinBoard before 1.8.7 and MyBB Merge System before 1.8.7 allows remote attackers to conduct clickjacking attacks via unspecified vectors...

6.7AI score0.01651EPSS
Exploits0References4
Rows per page
Query Builder