Lucene search
K

15 matches found

Nuclei
Nuclei
added 9 hours ago51 views

Telaen => v1.3.1 - Open Redirect

Open Redirection Vulnerability in the redir.php script in Telaen before 1.3.1 allows remote attackers to redirect victims to arbitrary websites via a crafted URL. id: CVE-2013-2621 info: name: Telaen = v1.3.1 - Open Redirect author: ctflearner severity: medium description: | Open Redirection...

6.1CVSS6.6AI score0.10692EPSS
Exploits4References3
Nuclei
Nuclei
added 9 hours ago27 views

Xibo 1.2.2/1.4.1 - Directory Traversal

A directory traversal vulnerability in Spring Signage Xibo 1.2.x before 1.2.3 and 1.4.x before 1.4.2 allows remote attackers to read arbitrary files via a .. dot dot in the p parameter to index.php. id: CVE-2013-5979 info: name: Xibo 1.2.2/1.4.1 - Directory Traversal author: daffainfo severity:...

5CVSS6AI score0.18267EPSS
Exploits2References5
Nuclei
Nuclei
added 9 hours ago38 views

WordPress Plugin Duplicator < 0.4.5 - Cross-Site Scripting

A cross-site scripting vulnerability in files/installer.cleanup.php in the Duplicator plugin before 0.4.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the package parameter. id: CVE-2013-4625 info: name: WordPress Plugin Duplicator 0.4.5 - Cross-Site Scripting...

4.3CVSS5.8AI score0.11102EPSS
Exploits2References5
Nuclei
Nuclei
added yesterday39 views

Apache Struts - Multiple Open Redirection Vulnerabilities

Apache Struts is prone to multiple open-redirection vulnerabilities because the application fails to properly sanitize user-supplied input. id: CVE-2013-2248 info: name: Apache Struts - Multiple Open Redirection Vulnerabilities author: 0xAkoko severity: medium description: Apache Struts is prone ...

5.8CVSS6.8AI score0.94654EPSS
Exploits4References5
Nuclei
Nuclei
added yesterday25 views

WordPress Plugin Category Grid View Gallery 2.3.1 - Cross-Site Scripting

A cross-site scripting vulnerability in includes/CatGridPost.php in the Category Grid View Gallery plugin 2.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the ID parameter. id: CVE-2013-4117 info: name: WordPress Plugin Category Grid View Gallery 2.3.1 -...

4.3CVSS5.8AI score0.12974EPSS
Exploits0References5
Nuclei
Nuclei
added 2 days ago29 views

WordPress Plugin Advanced Dewplayer 1.2 - Directory Traversal

A directory traversal vulnerability in download-file.php in the Advanced Dewplayer plugin 1.2 for WordPress allows remote attackers to read arbitrary files via a .. dot dot in the dewfile parameter. id: CVE-2013-7240 info: name: WordPress Plugin Advanced Dewplayer 1.2 - Directory Traversal author...

5CVSS7.5AI score0.19641EPSS
Exploits2References5
Nuclei
Nuclei
added 3 days ago499 views

Javafaces LFI

An Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2; the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.2.3.0, 11.1.2.4.0, and 12.1.2.0.0; and the Oracle WebLogic Server component in Oracle Fusion Middleware...

5CVSS5.8AI score0.32441EPSS
Exploits0References5
Nuclei
Nuclei
added 3 days ago69 views

Cisco Unified Communications Manager 7/8/9 - Directory Traversal

A directory traversal vulnerability in the Tomcat administrative web interface in Cisco Unified Communications Manager allows remote authenticated users to read arbitrary files via directory traversal sequences in an unspecified input string, aka Bug ID CSCui78815 id: CVE-2013-5528 info: name:...

8.1CVSS7.4AI score0.88559EPSS
Exploits22References4
Nuclei
Nuclei
added 5 days ago40 views

Apache Struts 2 - DefaultActionMapper Prefixes OGNL Code Execution

In Struts 2 before 2.3.15.1 the information following "action:", "redirect:", or "redirectAction:" is not properly sanitized and will be evaluated as an OGNL expression against the value stack. This introduces the possibility to inject server side code. id: CVE-2013-2251 info: name: Apache Struts...

9.8CVSS6.8AI score0.99998EPSS
Exploits18References5
Nuclei
Nuclei
added 2026/06/19 11:10 a.m.45 views

Zimbra Collaboration Server 7.2.2/8.0.2 Local File Inclusion

A directory traversal vulnerability in /res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz in Zimbra 7.2.2 and 8.0.2 allows remote attackers to read arbitrary files via a .. dot dot in the skin parameter. This can be leveraged to execute arbitrary code by obtaining LDAP...

5CVSS7.7AI score0.86196EPSS
Exploits7References5
Nuclei
Nuclei
added 2026/06/19 11:10 a.m.66 views

Apache Struts2 S2-012 RCE

Apache Struts Showcase App 2.0.0 through 2.3.13, as used in Struts 2 before 2.3.14.3, allows remote attackers to execute arbitrary OGNL code via a crafted parameter name that is not properly handled when invoking a redirect. id: CVE-2013-1965 info: name: Apache Struts2 S2-012 RCE author: pikpikcu...

9.3CVSS7.7AI score0.93813EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:42 a.m.2 views

SUSE CVE-2013-0254

The QSharedMemory class in Qt 5.0.0, 4.8.x before 4.8.5, 4.7.x before 4.7.6, and other versions including 4.4.0 uses weak permissions world-readable and world-writable for shared memory segments, which allows local users to read sensitive information or modify critical program data, as demonstrat...

3.6CVSS6.4AI score0.00422EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:34 a.m.4 views

SUSE CVE-2013-5718

The dissectnbapTdCHID function in epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 does not restrict the dchid value, which allows remote attackers to cause a denial of service application crash via a crafted packet...

4.3CVSS7.3AI score0.01687EPSS
Exploits0References3
Nmap
Nmap
added 2016/01/06 8:47 p.m.292 views

http-vuln-cve2013-6786 NSE Script

Detects a URL redirection and reflected XSS vulnerability in Allegro RomPager Web server. The vulnerability has been assigned CVE-2013-6786. The check is general enough script tag injection via Referer header that some other software may be vulnerable in the same way. See also:...

10CVSS9.4AI score0.99448EPSS
Exploits34
Tenable Nessus
Tenable Nessus
added 2013/03/13 12:0 a.m.16 views

Fedora 17 : coreutils-8.15-10.fc17 (2013-1804)

fix multiple segmantation faults in i18n patch by SUSE 869442, 902917- CVE2013-0223/CVE2013-0221/CVE2013-0222 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as...

5.4AI score
Exploits0References3
Rows per page
Query Builder