Lucene search
K

66 matches found

OSV
OSV
added 2019/05/17 4:29 p.m.2 views

UBUNTU-CVE-2019-5883

An Incorrect Access Control issue was discovered in GitLab Community and Enterprise Edition 6.0 and later but before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1. The issue comments feature could allow a user to comment on an issue which they shouldn't be allowed to...

9.1CVSS7.3AI score0.01504EPSS
Exploits0References3
Schneier on Security
Schneier on Security
added 2019/04/30 11:59 a.m.21 views

Defending Democracies Against Information Attacks

To better understand influence attacks, we proposed an approach that models democracy itself as an information system and explains how democracies are vulnerable to certain forms of information attacks that autocracies naturally resist. Our model combines ideas from both international security an...

1.1AI score
Exploits0
Talos Blog
Talos Blog
added 2019/01/16 7:55 a.m.293 views

Dynamic Data Resolver (DDR) - IDA Plugin

This blog post was authored by Holger Unterbrink Executive Summary Static reverse-engineering in IDA can often be problematic. Certain values are calculated at run time, which makes it difficult to understand what a certain basic block is doing. But, if you try to perform dynamic analysis by...

7AI score
Exploits0
ThreatPost
ThreatPost
added 2014/08/13 1:35 p.m.12 views

Disqus Patches CSRF, Other Flaws in Plugin

Disqus, the maker of the popular community commenting plugin, has patched a handful of security flaws, including a CSRF bug. The vulnerabilities are present in all versions of the plugin up to 2.75. The most serious of the three vulnerabilities fixed in version 2.76 of the Disqus plugin is the CS...

0.1AI score
Exploits0References2
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

TCW PHP Album Multiple Vulnerabilities

No description provided by source. 1 1 0 I'm L0rd CrusAd3r member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1 Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title: TCW PHP Album Multiple Vulnerability Vendor...

7.1AI score
Exploits0
NVD
NVD
added 2012/03/03 4:4 a.m.19 views

CVE-2012-0320

Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allows remote attackers to take control of sessions via unspecified vectors related to the 1 commenting feature and 2 community script...

7.5CVSS6.8AI score0.02707EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2012/03/03 4:4 a.m.15 views

CVE-2012-0320

Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allows remote attackers to take control of sessions via unspecified vectors related to the 1 commenting feature and 2 community script...

7.5CVSS5.9AI score0.02707EPSS
Exploits0References2
Prion
Prion
added 2012/03/03 4:4 a.m.18 views

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allow remote attackers to hijack the authentication of arbitrary users for requests that modify data via the 1 commenting feature or 2 community script...

6.8CVSS7.9AI score0.01095EPSS
Exploits0References7Affected Software1
Prion
Prion
added 2012/03/03 4:4 a.m.19 views

Design/Logic Flaw

Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allows remote attackers to take control of sessions via unspecified vectors related to the 1 commenting feature and 2 community script...

7.5CVSS7.3AI score0.02707EPSS
Exploits0References7Affected Software1
UbuntuCve
UbuntuCve
added 2012/03/03 4:4 a.m.23 views

CVE-2012-0317

Multiple cross-site request forgery CSRF vulnerabilities in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allow remote attackers to hijack the authentication of arbitrary users for requests that modify data via the 1 commenting feature or 2 community script...

6.8CVSS5.9AI score0.01095EPSS
Exploits0References2
Cvelist
Cvelist
added 2012/03/03 2:0 a.m.23 views

CVE-2012-0320

Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allows remote attackers to take control of sessions via unspecified vectors related to the 1 commenting feature and 2 community script...

6.7AI score0.02707EPSS
Exploits0References7
CVE
CVE
added 2012/03/03 2:0 a.m.62 views

CVE-2012-0320

CVE-2012-0320 affects Movable Type before 4.38, 5.0.x before 5.07, and 5.1.x before 5.13. The vulnerability allows remote attackers to take control of user sessions via the commenting feature and the community script, enabling session hijack. Relevant advisories reference upgrades to fixed releas...

7.5CVSS6.9AI score0.02707EPSS
Exploits0References7Affected Software1
Tenable Nessus
Tenable Nessus
added 2011/11/29 12:0 a.m.20 views

Fedora 16 : ReviewBoard-1.6.3-1.fc16 (2011-15935)

New upstream security release 1.6.3 - Security Fixes : - A script injection vulnerability was discovered in the commenting system. This affected the diff viewer and screenshot pages, and allowed a commenter to break the page and execute JavaScript Note that Tenable Network Security has extracted...

4.3CVSS5.6AI score0.02336EPSS
Exploits0References3
Prion
Prion
added 2011/10/07 10:55 a.m.13 views

Sql injection

SQL injection vulnerability in the Commenting system Backend Module commentsbe extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS9.1AI score0.01037EPSS
Exploits0References1Affected Software1
seebug.org
seebug.org
added 2011/06/27 12:0 a.m.21 views

Wordpress Beer Recipes Plugin v.1.0 XSS

No description provided by source. Exploit Title: Wordpress - Beer Recipes v.1.0 XSS Google Dork: - Date: June / 25 / 2011 Author: TheUzuki.' Software Link: http://opensourcebrew.org/beer-recipes-plugin/ Version: v.1.0 Tested on: Windows 7 CVE : - SIESTTA 2.0 LFI/XSS Multiple Vulnerabilities...

7.1AI score
Exploits0
0day.today
0day.today
added 2010/07/10 12:0 a.m.38 views

Joomla Component com_soundset LFI Vulnerability

Exploit for php platform in category web applications =============================================== Joomla Component comsoundset LFI Vulnerability =============================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2010/07/04 12:0 a.m.20 views

TCW PHP Album - Multiple Vulnerabilities

TCW PHP Album - Multiple Vulnerabilities 1 1 0 I'm L0rd CrusAd3r member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1 Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title: TCW PHP Album Multiple Vulnerability Vendor...

0.4AI score
Exploits0
CVE
CVE
added 2009/06/17 5:0 p.m.45 views

CVE-2009-2104

The CVE-2009-2104 entry describes a Cross-site scripting (XSS) vulnerability in the Modern Guestbook / Commenting System (ve_guestbook) extension for TYPO3, affecting version 2.7.1 and earlier. The vulnerability allows remote attackers to inject arbitrary web script or HTML via unspecified vector...

4.3CVSS5.9AI score0.01065EPSS
Exploits0References5Affected Software1
exploitpack
exploitpack
added 2008/02/14 12:0 a.m.25 views

freePHPgallery 0.6 - Cookie Local File Inclusion

freePHPgallery 0.6 - Cookie Local File Inclusion --==+================================================================================+==-- --==+ freePHPgallery 0.6 Cookie Local File Inclusion +==-- --==+================================================================================+==-- Author:...

0.6AI score
Exploits0
Exploit DB
Exploit DB
added 2008/02/14 12:0 a.m.32 views

freePHPgallery 0.6 - Cookie Local File Inclusion

--==+================================================================================+==-- --==+ freePHPgallery 0.6 Cookie Local File Inclusion +==-- --==+================================================================================+==-- Author: MhZ91 Title: freePHPgallery 0.6 Cookie Local Fil...

7.4AI score
Exploits0
Rows per page
Query Builder