Lucene search
K

4 matches found

NVD
NVD
added 2018/01/23 12:29 a.m.14 views

CVE-2018-6014

Subsonic v6.1.3 has an insecure allow-access-from domain="" Flash cross-domain policy that allows an attacker to retrieve sensitive user information via a read request. To exploit this issue, an attacker must convince the user to visit a web site loaded with a SWF file created specifically to ste...

6.5CVSS6.3AI score0.01244EPSS
Exploits3References2
CVE
CVE
added 2018/01/23 12:0 a.m.43 views

CVE-2018-6014

CVE-2018-6014 affects Subsonic v6.1.3, where an insecure Flash cross-domain policy (allow-access-from domain="*") can enable an attacker to retrieve sensitive user information via a read request. Exploitation requires convincing a user to visit a site containing a specially crafted SWF file to st...

6.5CVSS6.2AI score0.01244EPSS
Exploits3References2Affected Software1
Vulnerability Lab
Vulnerability Lab
added 2018/01/21 12:0 a.m.42 views

Subsonic v6.1.3 - Flash Cross-Domain Policy Vulnerability

Document Title: =============== Subsonic v6.1.3 - Flash Cross-Domain Policy Vulnerability References: =========== https://www.vulnerability-lab.com/getcontent.php?id=2115 Video: https://www.youtube.com/watch?v=t3nYuhAHOMg http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-6014...

6.5CVSS6.6AI score0.01244EPSS
Exploits3
Vulnerability Lab
Vulnerability Lab
added 2018/01/21 12:0 a.m.80 views

Subsonic v6.1.3 - Flash Cross-Domain Policy Vulnerability

Document Title: =============== Subsonic v6.1.3 - Flash Cross-Domain Policy Vulnerability References: =========== https://www.vulnerability-lab.com/getcontent.php?id=2115 Video: https://www.youtube.com/watch?v=t3nYuhAHOMg http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-6014...

4.3CVSS6.6AI score0.01244EPSS
Exploits3
Rows per page
Query Builder