Lucene search
K

105 matches found

Packet Storm
Packet Storm
added 2017/03/27 12:0 a.m.50 views

pfsense 2.3.2 Cross Site Request Forgery

Security Advisory - Curesec Research Team 1. Introduction Affected Product: pfsense 2.3.2 Fixed in: 2.3.3 Fixed Version Link: https://pfsense.org/download/ Vendor Website: https://www.pfsense.org/ Vulnerability Type: CSRF Remote Exploitable: Yes Reported to vendor: 02/06/2017 Disclosed to public:...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2017/03/17 12:0 a.m.55 views

HumHub 0.20.1 / 1.0.0-beta.3 Shell Upload

Security Advisory - Curesec Research Team 1. Introduction Affected Product: HumHub 0.20.1 / 1.0.0-beta.3 Fixed in: 1.0.0 Fixed Version https://www.humhub.org/en/download/default/form?version=1.0.0 Link: &type=zip Vendor Website: https://www.humhub.org/ Vulnerability Code Execution Type: Remote Ye...

Exploits0
Packet Storm
Packet Storm
added 2017/03/17 12:0 a.m.48 views

HumHub 1.0.1 Cross Site Scripting

Security Advisory - Curesec Research Team 1. Introduction Affected Product: HumHub 1.0.1 and earlier Fixed in: 1.1.1 Fixed Version https://www.humhub.org/en/download/default/form?version=1.1.1 Link: &type=zip Vendor Website: https://www.humhub.org/ Vulnerability XSS Type: Remote Yes Exploitable:...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2017/02/18 12:0 a.m.186 views

Elefant CMS 1.3.12-RC Code Execution

Security Advisory - Curesec Research Team 1. Introduction Affected Product: Elefant CMS 1.3.12-RC Fixed in: 1.3.13 Fixed Version https://github.com/jbroadway/elefant/releases/tag/ Link: elefant1313rc Vendor Website: https://www.elefantcms.com/ Vulnerability Code Execution Type: Remote Yes...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2017/02/17 12:0 a.m.43 views

Elefant CMS 1.3.12-RC Cross Site Scripting

Security Advisory - Curesec Research Team 1. Introduction Affected Product: Elefant CMS 1.3.12-RC Fixed in: 1.3.13 Fixed Version https://github.com/jbroadway/elefant/releases/tag/ Link: elefant1313rc Vendor Website: https://www.elefantcms.com/ Vulnerability XSS Type: Remote Yes Exploitable:...

Exploits0
Packet Storm
Packet Storm
added 2017/02/17 12:0 a.m.39 views

Elefant CMS 1.3.12-RC Cross Site Request Forgery

Security Advisory - Curesec Research Team 1. Introduction Affected Product: Elefant CMS 1.3.12-RC Fixed in: 1.3.13 Fixed Version https://github.com/jbroadway/elefant/releases/tag/ Link: elefant1313rc Vendor Website: https://www.elefantcms.com/ Vulnerability CSRF Type: Remote Yes Exploitable:...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2016/11/21 12:0 a.m.25 views

FUDforum 3.0.6 - Local File Inclusion

FUDforum 3.0.6 - Local File Inclusion Security Advisory - Curesec Research Team 1. Introduction Affected Product: FUDforum 3.0.6 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://fudforum.org/forum/ Vulnerability Type: LFI Remote Exploitable: Yes Reported to vendor: 04/11/2016...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2016/11/21 12:0 a.m.35 views

LEPTON 2.2.2 - SQL Injection

LEPTON 2.2.2 - SQL Injection Security Advisory - Curesec Research Team 1. Introduction Affected Product: LEPTON 2.2.2 stable Fixed in: 2.3.0 Fixed Version Link: http://www.lepton-cms.org/posts/ important-lepton-2.3.0-101.php Vendor Website: http://www.lepton-cms.org/ Vulnerability Type: SQL...

8.6AI score
Exploits0
Exploit DB
Exploit DB
added 2016/11/21 12:0 a.m.48 views

FUDforum 3.0.6 - Cross-Site Scripting / Cross-Site Request Forgery

Security Advisory - Curesec Research Team 1. Introduction Affected Product: FUDforum 3.0.6 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://fudforum.org/forum/ Vulnerability Type: XSS, Login CSRF Remote Exploitable: Yes Reported to vendor: 04/11/2016 Disclosed to public:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2016/11/18 12:0 a.m.54 views

FUDforum 3.0.6 Cross Site Request Forgery / Cross Site Scripting

Security Advisory - Curesec Research Team 1. Introduction Affected Product: FUDforum 3.0.6 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://fudforum.org/forum/ Vulnerability Type: XSS, Login CSRF Remote Exploitable: Yes Reported to vendor: 04/11/2016 Disclosed to public:...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2016/11/18 12:0 a.m.59 views

MyLittleForum 2.3.6.1 Cross Site Request Forgery

Security Advisory - Curesec Research Team 1. Introduction Affected Product: MyLittleForum 2.3.6.1 Fixed in: 2.3.7beta Fixed Version Link: https://github.com/ilosuna/mylittleforum/releases/tag/ v2.3.7beta Vendor Website: http://mylittleforum.net/ Vulnerability Type: CSRF Remote Exploitable: Yes...

0.6AI score
Exploits0
Packet Storm
Packet Storm
added 2016/11/18 12:0 a.m.34 views

FUDforum 3.0.6 Local File Inclusion

Security Advisory - Curesec Research Team 1. Introduction Affected Product: FUDforum 3.0.6 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://fudforum.org/forum/ Vulnerability Type: LFI Remote Exploitable: Yes Reported to vendor: 04/11/2016 Disclosed to public: 11/10/2016 Release...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2016/11/18 12:0 a.m.29 views

Mezzanine 4.2.0 Cross Site Scripting

Security Advisory - Curesec Research Team 1. Introduction Affected Product: Mezzanine 4.2.0 Fixed in: 4.2.1 Fixed Version Link: https://github.com/stephenmcd/mezzanine/releases/tag/4.2.1 Vendor Website: http://mezzanine.jupo.org/ Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor:...

Exploits0
Packet Storm
Packet Storm
added 2016/11/18 12:0 a.m.60 views

MoinMoin 1.9.8 Cross Site Scripting

Security Advisory - Curesec Research Team 1. Introduction Affected Product: MoinMoin 1.9.8 Fixed in: 1.9.9 Fixed Version Link: http://static.moinmo.in/files/moin-1.9.9.tar.gz Vendor Website: https://moinmo.in Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor: 09/05/2016 Disclosed...

4.3CVSS6.3AI score0.01186EPSS
Exploits4
Packet Storm
Packet Storm
added 2016/11/18 12:0 a.m.36 views

Lepton 2.2.2 Stable Shell Upload

Security Advisory - Curesec Research Team 1. Introduction Affected Product: LEPTON 2.2.2 stable Fixed in: 2.3.0 Fixed Version Link: http://www.lepton-cms.org/posts/ important-lepton-2.3.0-101.php Vendor Website: http://www.lepton-cms.org/ Vulnerability Type: Code Execution Remote Exploitable: Yes...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2016/11/18 12:0 a.m.46 views

Jaws 1.1.1 Open Redirect / Object Injection / Cookie Flags

Security Advisory - Curesec Research Team 1. Introduction Affected Product: Jaws 1.1.1 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://jaws-project.com/ Vulnerability Type: Object Injection, Open Redirect, Cookie Flags Remote Exploitable: Yes Reported to vendor: 09/05/2016...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2016/11/18 12:0 a.m.89 views

SPIP 3.1 Cross Site Scripting / Header Injection

Security Advisory - Curesec Research Team 1. Introduction Affected SPIP 3.1 Product: Fixed in: 3.1.2 / 3.0.23 Fixed Version http://www.spip.net/endownload Link: Vendor Website: http://www.spip.net/ Vulnerability Reflected & Persistent XSS, Host Header Injection, httpOnly Type: Cookie disclosure...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2016/11/10 12:0 a.m.45 views

MyBB 1.8.6 - Cross-Site Scripting

Security Advisory - Curesec Research Team 1. Introduction Affected Product: MyBB 1.8.6 Fixed in: 1.8.7 Fixed Version Link: http://resources.mybb.com/downloads/mybb1807.zip Vendor Website: http://www.mybb.com/ Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor: 01/29/2016 Disclosed...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2016/11/10 12:0 a.m.33 views

MyBB 1.8.6 - Cross-Site Scripting

MyBB 1.8.6 - Cross-Site Scripting Security Advisory - Curesec Research Team 1. Introduction Affected Product: MyBB 1.8.6 Fixed in: 1.8.7 Fixed Version Link: http://resources.mybb.com/downloads/mybb1807.zip Vendor Website: http://www.mybb.com/ Vulnerability Type: XSS Remote Exploitable: Yes Report...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2016/09/19 12:0 a.m.32 views

Kajona 4.7 - Cross-Site Scripting Directory Traversal

Kajona 4.7 - Cross-Site Scripting Directory Traversal Security Advisory - Curesec Research Team 1. Introduction Affected Product: Kajona 4.7 Fixed in: 5.0 Fixed Version Link: https://www.kajona.de/en/Downloads/downloads.getkajona.html Vendor Website: https://www.kajona.de/ Vulnerability Type: XSS...

Exploits0
Rows per page
Query Builder