Lucene search
K

28 matches found

Hacker One
Hacker One
added 2024/01/25 2:7 p.m.63 views

Publitas: CVE-2018-6389 exploitation - using scripts loader

An unauthenticated denial of service vulnerability in WordPress was discovered, tracked as CVE-2018-6389. By requesting a large number of JavaScript files through the load-scripts.php endpoint, an attacker could consume excessive resources on the server. This vulnerability could allow denial of...

7.5CVSS7.2AI score0.73098EPSS
Exploits11
Hacker One
Hacker One
added 2023/03/19 6:49 p.m.90 views

Fastly VDP: CVE-2018-6389 exploitation - using scripts loader

Vulnerability description not provided...

7.5CVSS7.3AI score0.73098EPSS
Exploits11
Hacker One
Hacker One
added 2023/02/27 6:52 a.m.99 views

U.S. Dept Of Defense: DoS at █████(CVE-2018-6389)

A vulnerability in WordPress allowed unauthenticated attackers to launch a denial of service attack by listing a large number of registered .js files from wp-includes/script-loader.php. The vulnerability was assigned CVE-2018-6389. Attackers could use this function to deplete server resources and...

7.5CVSS7.3AI score0.73098EPSS
Exploits11
Hacker One
Hacker One
added 2023/02/03 5:44 p.m.191 views

U.S. Dept Of Defense: DoS at ████████ (CVE-2018-6389)

An unauthenticated attacker could cause a denial of service resource consumption on a WordPress site by using the large list of registered .js files to construct a series of requests to load every file many times. The vulnerability was registered as CVE-2018-6389...

7.5CVSS7.2AI score0.73098EPSS
Exploits11
Hacker One
Hacker One
added 2022/03/14 7:18 p.m.54 views

Adobe: DoS of https://research.adobe.com/ via CVE-2018-6389 exploitation

The researcher successfully exploited CVE-2018-6389 on https://research.adobe.com/. We appreciate the collaboration and the responsible disclosure...

5CVSS1.1AI score0.73098EPSS
Exploits11
Hacker One
Hacker One
added 2021/05/06 6:53 p.m.356 views

Sifchain: Possibility of DoS attack at https://sifchain.finance// via CVE-2018-6389 exploitation

There is possibility in /wp-admin/load-scripts.php script to generate large 3Mb amount of data via simple non-authenticated request to server. The vulnerability is registered as https://vulners.com/cve/CVE-2018-6389 Details Detailed attack scenario is described for example here:...

5CVSS7.4AI score0.73098EPSS
Exploits11
Hacker One
Hacker One
added 2020/07/29 1:5 p.m.65 views

MTN Group: [mtn.com.af] Multiple vulnerabilities allow to Application level DoS

Issue Description Unauthenticated attackers can cause a denial of service resource consumption by using the large list of registered .js files from wp-includes/script-loader.php to construct a series of requests to load every file many times. The vulnerability is registered as CVE-2018-6389 76172...

5CVSS0.73098EPSS
Exploits11
Hacker One
Hacker One
added 2020/07/16 3:41 p.m.332 views

MTN Group: CVE-2018-6389 exploitation - using scripts loader

Issue Description Unauthenticated attackers can cause a denial of service resource consumption by using the large list of registered .js files from wp-includes/script-loader.php to construct a series of requests to load every file many times. The vulnerability is registered as CVE-2018-6389 76172...

5CVSS0.1AI score0.73098EPSS
Exploits11
Hacker One
Hacker One
added 2020/01/18 3:49 a.m.273 views

BlockDev Sp. Z o.o: DoS of https://blog.makerdao.com/ via CVE-2018-6389

DoS of https://blog.makerdao.com/ via CVE-2018-6389...

5CVSS0.6AI score0.73098EPSS
Exploits11
Hacker One
Hacker One
added 2019/12/07 4:20 a.m.403 views

Yelp: DoS of https://blog.yelp.com/ and other WP instances via CVE-2018-6389

Description: There is possibility in /wp-admin/load-scripts.php script to generate large 3Mb amount of data via simple non-authenticated request to server. The vulnerability is registered as https://vulners.com/cve/CVE-2018-6389 Details: Detailed attack scenario is described for example here:...

5CVSS0.6AI score0.73098EPSS
Exploits11
Hacker One
Hacker One
added 2019/12/05 2:58 p.m.224 views

Nord Security: DoS of https://nordvpn.com/ via CVE-2018-6389 exploitation

There is possibility in /wp-admin/load-scripts.php script to generate large 3Mb amount of data via simple non-authenticated request to server. The vulnerability is registered as https://vulners.com/cve/CVE-2018-6389 Details Detailed attack scenario is described for example here:...

5CVSS7.4AI score0.73098EPSS
Exploits11
Hacker One
Hacker One
added 2019/09/13 2:58 p.m.368 views

OLX: load scripts DOS vulnerability

1 vulnerability description WordPress allows users to load multiple JS files and CSS files through load-scripts.php files at once. For example, https://wpwebsite.com/wp-admin/load-scripts.php?c=1&load%5B%5D=jquery-ui-core,editor&ver=4.9.1, file load-scripts.php will load jquery-ui-core and editor...

5CVSS0.1AI score0.73098EPSS
Exploits11
Hacker One
Hacker One
added 2019/09/07 11:24 p.m.212 views

MariaDB: scripts loader (denial of service) vulnerability

1 vulnerability description WordPress allows users to load multiple JS files and CSS files through load-scripts.php files at once. For example, https://wpwebsite.com/wp-admin/load-scripts.php?c=1&load=jquery-ui-core,editor&ver=4.9.1, file load-scripts.php will load jquery-ui-core and editor files...

5CVSS0.2AI score0.73098EPSS
Exploits11
Openbugbounty
Openbugbounty
added 2018/10/06 2:42 p.m.60 views

samoa-do-vip.randco.fr XSS vulnerability

Open Bug Bounty ID: OBB-683182 Description| Value ---|--- Affected Website:| samoa-do-vip.randco.fr Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

0.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/04/13 12:0 a.m.208 views

WordPress < 4.9.5 Multiple Vulnerabilities

According to its self-reported version number, the WordPress application running on the remote web server is prior to 4.9.5. It is, therefore, affected by multiple vulnerabilities. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid109034; scriptversion"1.12";...

7.5CVSS7.4AI score0.73098EPSS
Exploits11References3
Hacker One
Hacker One
added 2018/04/09 9:10 p.m.439 views

LocalTapiola: DoS of www.lahitapiolarahoitus.fi via CVE-2018-6389 exploitation

Description There is possibility in /wp-admin/load-scripts.php script to generate large 3Mb amount of data via simple non-authenticated request to server. The vulnerability is registered as https://vulners.com/cve/CVE-2018-6389 Details Detailed attack scenario is described for example here:...

5CVSS0.2AI score0.73098EPSS
Exploits11
Openbugbounty
Openbugbounty
added 2018/02/27 1:24 p.m.14 views

premium.wpmudev.org XSS vulnerability

Open Bug Bounty ID: OBB-569629 Description| Value ---|--- Affected Website:| premium.wpmudev.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
Akamai Blog
Akamai Blog
added 2018/02/15 1:0 p.m.138 views

Wordpress DoS Attack: CVE-2018-6389

Overview On February 5, an Israeli security researcher, Barak Tawily, discovered a Denial of Service DoS attack impacting all 3.x-4.x versions of the Wordpress content management platform. The vulnerability is currently unpatched and relies on a performance boosting feature in Wordpress allowing...

7.2AI score0.73098EPSS
Exploits11
Circl
Circl
added 2018/02/14 9:33 a.m.41 views

CVE-2018-6389

creationtimestamp| type| source ---|---|--- 2018-02-14 09:33:59+00:00| exploited| https://t.me/canyoupwnme/3262 2018-04-09 06:36:01+00:00| seen| https://t.me/codebysec/1344 2019-11-21 11:20:46+00:00| published-proof-of-concept| https://t.me/thebugbountyhunter/3397 2020-01-08 15:00:20+00:00|...

7.5CVSS7.3AI score0.73098EPSS
Exploits11References23
UbuntuCve
UbuntuCve
added 2018/02/06 5:29 p.m.117 views

CVE-2018-6389

In WordPress through 4.9.2, unauthenticated attackers can cause a denial of service resource consumption by using the large list of registered .js files from wp-includes/script-loader.php to construct a series of requests to load every file many times...

7.5CVSS7.2AI score0.73098EPSS
Exploits11References4
Rows per page
Query Builder