Lucene search
+L

99 matches found

CVE
CVE
added 2023/09/01 10:48 a.m.2489 views

CVE-2023-25042

CVE-2023-25042 : Stored XSS in the oAuth Twitter Feed for Developers WordPress plugin (

5.9CVSS5.1AI score0.00396EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2023/01/24 9:15 a.m.20 views

CVE-2022-4554

B2B Customer Ordering System developed by ID Software Project and Consultancy Services before version 1.0.0.347 has an authenticated Reflected XSS vulnerability. This has been fixed in the version 1.0.0.347...

5.4CVSS5.2AI score0.00337EPSS
Exploits0References2
Prion
Prion
added 2023/01/24 9:15 a.m.18 views

Cross site scripting

B2B Customer Ordering System developed by ID Software Project and Consultancy Services before version 1.0.0.347 has an authenticated Reflected XSS vulnerability. This has been fixed in the version 1.0.0.347...

4.9CVSS5.2AI score0.00337EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/01/24 12:0 a.m.46 views

CVE-2022-4554

The CVE-2022-4554 entry concerns the B2B Customer Ordering System developed by ID Software Project and Consultancy Services. Affected versions are prior to 1.0.0.347 and the vulnerability is an authenticated Reflected XSS vulnerability. The issue is resolved in version 1.0.0.347. Exploitation det...

5.4CVSS5.5AI score0.00337EPSS
Exploits0References2Affected Software1
Openbugbounty
Openbugbounty
added 2022/08/08 8:36 a.m.12 views

cosmosconsultancy.com.au Cross Site Scripting vulnerability OBB-2830271

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2022/08/07 10:45 a.m.10 views

ausphinconsultancy.com.au Cross Site Scripting vulnerability OBB-2827320

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
NVD
NVD
added 2022/03/30 3:15 p.m.26 views

CVE-2022-25619

Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in ping tool of Profelis IT Consultancy SambaBox allows AUTHENTICATED user to cause run arbitrary code. This issue affects: Profelis IT Consultancy SambaBox 4.0 version 4.0 and prior versions on x86...

6.7CVSS0.00321EPSS
Exploits0References1
Prion
Prion
added 2022/03/30 3:15 p.m.15 views

Command injection

Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in ping tool of Profelis IT Consultancy SambaBox allows AUTHENTICATED user to cause run arbitrary code. This issue affects: Profelis IT Consultancy SambaBox 4.0 version 4.0 and prior versions on x86...

4.6CVSS6.6AI score0.00321EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/03/30 2:55 p.m.82 views

CVE-2022-25619

CVE-2022-25619 : Affected product is Profelis IT Consultancy SambaBox (x86) version 4.0 and earlier. The root cause is improper neutralization in the ping utility, enabling an AUTHENTICATED user to execute arbitrary code via a command injection. The vulnerability is documented across sources (NVD...

6.7CVSS5.5AI score0.00321EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/03/30 2:55 p.m.26 views

CVE-2022-25619 Authenticated Command Injection to RCE

Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in ping tool of Profelis IT Consultancy SambaBox allows AUTHENTICATED user to cause run arbitrary code. This issue affects: Profelis IT Consultancy SambaBox 4.0 version 4.0 and prior versions on x86...

3.8CVSS6.8AI score0.00321EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/03/30 2:55 p.m.29 views

CVE-2022-25620 Stored Cross-Site Scripting (XSS)

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Group Functionality of Profelis IT Consultancy SambaBox allows AUTHENTICATED user to cause execute arbitrary codes on the vulnerable server. This issue affects: Profelis IT Consultancy SambaBox 4.0 versio...

3.8CVSS9.3AI score0.00417EPSS
Exploits0References1
CVE
CVE
added 2022/03/30 2:55 p.m.75 views

CVE-2022-25620

CVE-2022-25620 describes a stored XSS vulnerability in the Groups feature of Profelis IT Consultancy SambaBox, allowing an authenticated user to execute arbitrary code on the vulnerable server due to improper neutralization of script-related HTML tags. Affected: SambaBox 4.0 and earlier on x86. R...

9CVSS7.1AI score0.00417EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2022/03/30 12:0 a.m.5 views

Profelis IT Consultancy SambaBox 命令注入漏洞

Profelis IT Consultancy SambaBox is an enterprise directory solution from Profelis IT Consultancy. A security vulnerability exists in Profelis IT Consultancy SambaBox x86 4.0 and prior versions, which stems from the improper neutralization of a special element used in the command "command...

6.7CVSS6.8AI score0.00321EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2021/11/04 6:58 a.m.13 views

US Sanctions Pegasus-maker NSO Group and 3 Others For Selling Spyware

The U.S. Commerce Department on Wednesday added four companies, including Israel-based spyware companies NSO Group and Candiru, to a list of entities engaging in "malicious cyber activities." The agency said the two companies were added to the list based on evidence that "these entities developed...

7AI score
Exploits0
ThreatPost
ThreatPost
added 2021/02/18 5:59 p.m.175 views

Exploit Details Emerge for Unpatched Microsoft Bug

New details have emerged about an unpatched security vulnerability in Microsoft’s Internet Explorer that was recently used in a complex campaign against security researchers. A fresh analysis from 0patch offers further insight into where the bug exists and how it can be triggered in real-world...

8AI score
Exploits0References6
Openbugbounty
Openbugbounty
added 2020/10/11 4:5 p.m.6 views

consultancy.eu Cross Site Scripting vulnerability OBB-1398462

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2020/08/10 12:0 a.m.9 views

Automate Compliance in the Well-Architected Framework

Explore how Edrans, a DevOps, IT, and software consultancy, is using Trend Micro Cloud One™ – Conformity to adhere to the Well-Architected Framework and boost customers’ security, performance, and compliance...

3.6AI score
Exploits0
Openbugbounty
Openbugbounty
added 2019/08/24 6:40 p.m.6 views

consultancy-me.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-952347 Security Researcher tbm Helped patch 2172 vulnerabilities Received 6 Coordinated Disclosure badges Received 6 recommendations , a holder of 6 badges for responsible and coordinated disclosure, found a security vulnerability affecting consultancy-me.com website and i...

0.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2019/08/24 6:40 p.m.7 views

consultancy.com.au Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-952348 Security Researcher tbm Helped patch 2172 vulnerabilities Received 6 Coordinated Disclosure badges Received 6 recommendations , a holder of 6 badges for responsible and coordinated disclosure, found a security vulnerability affecting consultancy.com.au website and i...

0.1AI score
Exploits0
HackRead
HackRead
added 2018/12/13 6:59 p.m.29 views

IT consultancy firm caught running ransomware decryption scam

By Waqas Ransomware has become a persistent threat to users globally but for cybercriminals, it is a lucrative business. Recently, IT security researchers at Check Point unearthed a sophisticated ransomware decryption scam in which a Russian IT consultant company has been caught scamming ransomwa...

6.9AI score
Exploits0
Rows per page
Query Builder