Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2 matches found

appercut
appercutadded 2016/06/29 12:0 a.m.546 views

Enonic XP: source code security analysis report

Several vulnerabilities were discovered in Enonic AS 'Enonic XP' software: Утечка пользовательских данных между сессиями Использование XSL трансформации для исполнения произвольного кода Отсутствие верификации цифровой подписи исполняемых файлов, полученных из недоверенных источников HttpOnly...

7.4AI score
Exploits0References1Affected Software1
Hacker One
Hacker Oneadded 2014/10/12 6:11 p.m.42 views

joola.io: Weak Random Number Generator for Auth Tokens

https://github.com/joola/joola/blob/a534c3dca1a0deaec99c192978e61a35dd3a9069/lib/common/index.jsL90-L98 Math.random is not sufficient for cryptographic purposes such as authentication tokens. An example replacement that uses window.crypto.getRandomValues is available here:...

0.4AI score
Exploits0
Rows per page
Query Builder