Lucene search
K

17 matches found

CVE
CVE
added 2024/11/20 3:31 p.m.50 views

CVE-2024-11484

CVE-2024-11484 affects Code4Berry Decoration Management System 1.0. The vulnerability arises from manipulation of the parameter productimage1 in the file /decoration/admin/update_image.php (User Image Handler), leading to improper access controls. It is exploitable remotely and has publicly discl...

8.8CVSS6.8AI score0.00374EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2024/08/27 9:15 p.m.20 views

CVE-2024-8216

A vulnerability, which was classified as critical, has been found in nafisulbari/itsourcecode Insurance Management System 1.0. Affected by this issue is some unknown functionality of the file editPayment.php of the component Payment Handler. The manipulation of the argument reciptno leads to...

5.5CVSS0.00366EPSS
Exploits0References3
OSV
OSV
added 2021/07/07 2:15 p.m.6 views

CVE-2021-32523

Improper authorization vulnerability in QSAN Storage Manager allows remote privileged users to bypass the access control and execute arbitrary commands. Suggest contacting with QSAN and refer to recommendations in QSAN Document...

7.2CVSS6AI score0.01494EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2018/05/03 12:0 a.m.133 views

GPON Routers Multiple Vulnerabilities

GPON Home Routers are prone to multiple vulnerabilities. Those vulnerabilities where known to be exploited by the Mettle, Muhstik, Mirai, Hajime, and Satori Botnets in 2018. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are...

9.8CVSS10AI score0.9995EPSS
Exploits10References3
OpenVAS
OpenVAS
added 2017/08/08 12:0 a.m.73 views

Trane Tracer SC <= 4.2.1134 Information Exposure Vulnerability - Active Check

Trane Tracer SC is prone to an information exposure vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5.3CVSS6AI score0.01164EPSS
Exploits0References1
Patchstack
Patchstack
added 2017/04/25 12:0 a.m.10 views

WordPress Wow Viral Signups plugin 2.1 - SQL Injection vulnerability

Wow Viral Signups WordPress plugin version 2.1 is vulnerable to SQL injection. An attacker could exploit POST parameter 'idsignup' to access the database. Solution We can't find information about fixed version of this plugin. It's not available anymore on WordPress plugin directory. Deactivate...

4.7AI score
Exploits0References2Affected Software1
Packet Storm
Packet Storm
added 2016/11/09 12:0 a.m.91 views

Verint Impact 360 11.1 Open Redirect

URL Redirection Vulnerability In Verint Impact 360 Overview ======== Title : URL Redirection Vulnerability In Verint Impact 360 Author: Sanehdeep Singh Plugin Homepage: http://www.verint.com Severity: Medium Version Affected: 11.1 Version patched: Patches available. Contact Vendor Description...

0.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/07/01 12:0 a.m.13 views

F5 Networks ARX Data Manager Unsupported Version Detection

The remote host is running F5 Networks ARX Data Manager. According to the vendor, this product is no longer supported and security fixes will not be released. As a result, it is likely to contain security vulnerabilities. %NASLMINLEVEL 70300 C Tenable, Inc. include'deprecatednasllevel.inc';...

5.5AI score
Exploits0References2
exploitpack
exploitpack
added 2013/01/02 12:0 a.m.13 views

Astium VoIP PBX 2.1 build 25399 - Multiple VulnerabilitiesRemote Command Execution

Astium VoIP PBX 2.1 build 25399 - Multiple VulnerabilitiesRemote Command Execution !/usr/bin/python +--------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : Astium VoIP PBX 0x90.nl Software link :...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2010/07/18 12:0 a.m.51 views

RedShop 1.0.23.1 Joomla Component Blind SQL Injection Vulnerability

RedShop 1.0.23.1 Joomla Component Blind SQL Injection Vulnerability Name RedShop Vendor http://redweb.dk Versions Affected 1.0.23.1 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2010-07-13 X. INDEX I. ABOUT THE...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2007/05/21 12:0 a.m.53 views

[Full-disclosure] Jetbox CMS version 2.1 Multiple SQL Injection Vulnerabilities

netVigilance Security Advisory 28 Jetbox CMS version 2.1 Multiple SQL Injection Vulnerabilities Description: Jetbox CMS is seriously tested on usability & has a professional intuitive interface. The system is role based, with workflow and module orientated. All content is fully separated from...

7.5CVSS7.5AI score0.01176EPSS
Exploits2
securityvulns
securityvulns
added 2007/04/13 12:0 a.m.55 views

[MajorSecurity Advisory #44]MailBee WebMail Pro - Cross Site Scripting Issue

MajorSecurity Advisory 44MailBee WebMail Pro - Cross Site Scripting Issue Details ======= Product: MailBee WebMail Pro 3.4 Security-Risk: moderated Remote-Exploit: yes Vendor-URL: http://www.afterlogic.com Vendor-Status: informed Advisory-Status: published Credits ============ Discovered by: Davi...

7.1AI score
Exploits0
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.30 views

GAMSoft TelSrv 1.4/1.5 Overflow

It is possible to crash the remote telnet server by sending a username that is 4550 characters long. An attacker may use this flaw to prevent you from administering this host remotely. OpenVAS Vulnerability Test $Id: TelSrvDoS.nasl 6053 2017-05-01 09:02:51Z teissa $ Description: GAMSoft TelSrv...

5CVSS0.1AI score0.50337EPSS
Exploits4
securityvulns
securityvulns
added 2005/05/28 12:0 a.m.34 views

PHP Stat Administrative User Authentication Bypass

=========================================================== ============================================================ Title: PHP Stat Vulnerability discovery: SoulBlack - Security Research - http://soulblack.com.ar Date: 25/05/2005 Severity: Medium. PHP Stat Administrative User Authentication...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2003/03/03 12:0 a.m.1505 views

TCP/IP Predictable ISN (Initial Sequence Number) Generation Weakness

The remote host has predictable TCP sequence numbers. An attacker may use this flaw to establish spoofed TCP connections to this host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10443; scriptversion"1.31"; scriptcvsdate"Date: 2019/03/06 18:38:55"; scriptcveid...

7.5CVSS7.2AI score0.30873EPSS
Exploits3References8
Tenable Nessus
Tenable Nessus
added 2002/10/13 12:0 a.m.95 views

SMC 2652W AP Malformed HTTP Request Remote DoS

The remote SMC 2652W Access point web server crashes when sent a specially formatted HTTP request. Copyright 2002 by John Lampe ... [email protected] BUG FOUND WITH SPIKE 2.7 See the Nessus Scripts License for details Changes by Tenable: - fill the Host header to work through a transparent pro...

5.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 1999/06/22 12:0 a.m.29 views

UoW imapd AUTHENTICATE Command Remote Overflow

It was possible to crash the remote IMAP server by sending a too long AUTHENTICATE command. An attacker may be able to exploit this vulnerability to execute code on the remote host. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid10292; scriptversion "1.31";...

10CVSS5.8AI score0.18272EPSS
Exploits1References1
Rows per page
Query Builder