18 matches found
CVE-2018-10429
Cosmo 1.0.0Beta6 allows attackers to execute arbitrary PHP code via the Database Prefix field on the Database Info screen of install.php...
Malicious Package
Overview wundergraph-cosmo is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
EUVD-2018-2501
Malware in sbrugna...
EUVD-2012-5738
Malware in sbrugna...
Malicious code in wundergraph-cosmo (npm)
--- -= Per source details. Do not edit below this line.=-...
cosmo-koki.co.jp Cross Site Scripting vulnerability OBB-3439732
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Cosmo Arbitrary PHP Code Execution Vulnerability
Cosmo is a set of CMS Content Management System built on AngularJS and PHP. A security vulnerability exists in Cosmo version 1.0.0Beta6. The vulnerability can be exploited to execute arbitrary PHP code via the Database Prefix field in the Database Info screen on the localhost/Cosmo/install.php li...
CVE-2018-10429
Cosmo 1.0.0Beta6 allows attackers to execute arbitrary PHP code via the Database Prefix field on the Database Info screen of install.php...
Code injection
Cosmo 1.0.0Beta6 allows attackers to execute arbitrary PHP code via the Database Prefix field on the Database Info screen of install.php...
CVE-2018-10429
Cosmo 1.0.0Beta6 allows attackers to execute arbitrary PHP code via the Database Prefix field on the Database Info screen of install.php...
CVE-2018-10429
Cosmo 1.0.0Beta6 allows attackers to execute arbitrary PHP code via the Database Prefix field on the Database Info screen of install.php...
CVE-2018-10429
Cosmo CMS 1.0.0Beta6 is affected by CVE-2018-10429. The vulnerability allows an attacker to execute arbitrary PHP code via the Database Prefix field on the Database Info screen of install.php. This is evidenced by multiple connected records (Red Hat, CNVD, NVD, OSV, CVE listings) describing the s...
Design/Logic Flaw
Unspecified vulnerability on Oberthur ID-One COSMO 5.2, 5.2a, and 64 smart cards makes it easier for attackers to defeat cryptographic protection mechanisms by leveraging the generation of non-compliant public keys...
CVE-2012-5860
Unspecified vulnerability on Oberthur ID-One COSMO 5.2, 5.2a, and 64 smart cards makes it easier for attackers to defeat cryptographic protection mechanisms by leveraging the generation of non-compliant public keys...
CVE-2012-5860
Technical details for CVE-2012-5860 are not publicly available in the provided documents. No information on affected products, root cause, or fixes is present beyond the general description. Monitor for updates.
Hacker 'Cosmo the God' Sentenced and Banned from Internet for Six Years
A 15-year-old UG Nazi hacker going by the name of Cosmo or Cosmo the God was sentenced in juvenile court on Wednesday with terms for six years without any computers or Internet, until his 21st birthday. During these 6 years, he'll need approval from his parole officer to access the internet. Wire...
Code injection
The DAV component in Chandler Server Cosmo before 0.10.1 does not check resource creation permissions, which allows remote authenticated users to create arbitrary resources in another user's home collection...
CVE-2007-6383
The CVE-2007-6383 entry concerns Chandler Server (Cosmo) prior to 0.10.1, where the DAV component fails to enforce resource creation permissions. This allows remote authenticated users to create arbitrary resources in another user’s home collection. The public documents specify the affected produ...