Lucene search
+L

78 matches found

Fedora
Fedora
added 2021/03/10 12:26 a.m.38 views

[SECURITY] Fedora 32 Update: privoxy-3.0.32-1.fc32

Privoxy is a web proxy with advanced filtering capabilities for protecting privacy, filtering web page content, managing cookies, controlling access, and removing ads, banners, pop-ups and other obnoxious Internet junk. Privoxy has a very flexible configuration and can be customized to suit...

2.3AI score
Exploits0
AlpineLinux
AlpineLinux
added 2021/01/07 1:51 p.m.45 views

CVE-2020-26977

By attempting to connect a website using an unresponsive port, an attacker could have controlled the content of a tab while the URL bar displayed the original domain. Note: This issue only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox 84...

6.5CVSS7.3AI score0.00851EPSS
Exploits0
CNNVD
CNNVD
added 2020/12/15 12:0 a.m.7 views

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox for Android prior to version 84. By attempting to connect to a website using a port that fails to respond, an attacker can control the content of tabs...

6.5CVSS6.9AI score0.00851EPSS
Exploits0References6
WPVulnDB
WPVulnDB
added 2020/09/10 12:0 a.m.22 views

Email Subscribers & Newsletters < 4.5.6 - Unauthenticated email forgery/spoofing

It allows a remote unauthenticated attacker to send forged emails to all recipients from the available lists of contacts or subscribers, with complete control over the content and subject of the email. PoC POST /wp-admin/admin-ajax.php HTTP/1.1 Host: example.com Content-Type:...

5CVSS2.8AI score0.01634EPSS
Exploits2References2Affected Software1
OSV
OSV
added 2020/07/09 3:15 p.m.4 views

UBUNTU-CVE-2020-12412

By navigating a tab using the history API, an attacker could cause the address bar to display the incorrect domain with the https:// scheme, a blocked port number such as '1', and without a lock icon while controlling the page contents. This vulnerability affects Firefox 70...

4.3CVSS5.8AI score0.00778EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2019/04/22 12:0 a.m.337 views

CVE-2019-11447

An issue was discovered in CutePHP CuteNews 2.1.2. An attacker can infiltrate the server through the avatar upload process in the profile area via the avatarfile field to index.php?mod=main&opt=personal. There is no effective control of $imgsize in /core/modules/dashboard.php. The header content ...

8.8CVSS8.7AI score0.52901EPSS
In wildExploits10References5
Hacker One
Hacker One
added 2017/11/18 4:24 p.m.19 views

Mail.ru: XSS on account.mail.ru/login

Уязвимость на станице https://account.mail.ru/login и подготовка файлов для атаки --------------------- В процессе исследования заметил, что на странице https://account.mail.ru/login не валидируется значение параметра v. Значение выводится на странице как есть и используется в пути до скрипта...

6.8AI score
Exploits0
CNVD
CNVD
added 2017/03/03 12:0 a.m.22 views

WordPress AnyVar Plugin Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed using the PHP language.REST API can transfer data via JSON format to access or control the content of the WordPress site. A cross-site scripting vulnerability exists in the WordPress AnyVar plugin. An attacker can use the vulnerability to execute arbitra...

6.1CVSS6.6AI score0.0091EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2017/01/31 5:52 a.m.7 views

nagios: Command injection via curl in MagpieRSS

It was found that an attacker who could control the content of an RSS feed could execute code remotely using the Nagios web interface. This flaw could be used to gain access to the remote system and in some scenarios control over the system...

9.8CVSS5.9AI score0.22684EPSS
Exploits10References5
Hacker One
Hacker One
added 2017/01/02 7:10 p.m.159 views

Slack: Subdomain takeover on podcasts.slack-core.com

I noticed slack-core.com is used for Slack's call infrastructure. I had never seen that domain before, so I decided to find out what else was running on it. It turned out podcasts.slack-core.com was pointing to a Podcast and RSS hosting service called Feed.Press. However, there was no Feed.Press...

Exploits0
exploitpack
exploitpack
added 2015/08/31 12:0 a.m.27 views

Ganglia Web Frontend 3.5.1 - PHP Code Execution

Ganglia Web Frontend 3.5.1 - PHP Code Execution...

7.5CVSS0.6AI score0.09944EPSS
Exploits5
CNVD
CNVD
added 2015/02/27 12:0 a.m.5 views

CreA8social 'Add Game' Field HTML Injection Vulnerability

CreA8social is a social networking platform. An HTML injection vulnerability exists in the CreA8social 'Add Game' field, where attacker-supplied HTML or JavaScript code can run on the affected site. This allows an attacker to steal cookie-based authentication credentials and control the content...

3.5CVSS7.5AI score0.02929EPSS
Exploits1References1
Exploit DB
Exploit DB
added 2011/02/17 12:0 a.m.70 views

Microsoft Windows - Print Spooler Service Impersonation (MS10-061) (Metasploit)

$Id: ms10061spoolss.rb 11766 2011-02-17 19:22:11Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framewor...

9.3CVSS7AI score0.75636EPSS
Exploits4
OpenVAS
OpenVAS
added 2011/01/11 12:0 a.m.17 views

Fedora Update for drupal-views FEDORA-2010-19009

Check for the Version of drupal-views OpenVAS Vulnerability Test Fedora Update for drupal-views FEDORA-2010-19009 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

7.4AI score
Exploits0References2
Fedora
Fedora
added 2010/06/21 9:26 p.m.20 views

[SECURITY] Fedora 12 Update: drupal-views-6.x.2.11-1.fc12

The views module provides a flexible method for Drupal site designers to control how lists of content nodes are presented. Traditionally, Drupal has hard-coded most of this, particularly in how taxonomy and tracker lists are formatted. This tool is essentially a smart query builder that, given...

2.5AI score
Exploits0
securityvulns
securityvulns
added 2008/07/24 12:0 a.m.26 views

Outpost Security Suite Pro ver. 2009 Multiple vulnerabilities

Application: Outpost Security Suite Pro ver. 2009 OS: Windows Xp All patches a day ------------------------------------------------------ 1 - Description 2 - Vulnerability 3 - POC/EXPLOIT ------------------------------------------------------ Description Outpost Security Suite is a software...

0.7AI score
Exploits0
Packet Storm
Packet Storm
added 2004/09/14 12:0 a.m.30 views

getinternet.txt

CRIOLABS - Software: getInternet - Type: E-business:Internet - Company: getSolutions - Date: 09-9-2004 Software: getInternet Platform: ASP, Microsoft SQL Comments: Administration section Not Tested Description getInternet will allow you to maintain, manage and control all of the content on your...

7.4AI score
Exploits0
Microsoft KB
Microsoft KB
added 1970/01/01 12:0 a.m.8 views

Security update 1970-01-01

...

5.3AI score
Exploits0
Rows per page
Query Builder