Lucene search
K

129 matches found

Cvelist
Cvelist
added 2017/08/02 7:0 p.m.26 views

CVE-2017-11355

Multiple cross-site scripting XSS vulnerabilities in PEGA Platform 7.2 ML0 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 PATHINFO to the main page; the 2 beanReference parameter to the JavaBean viewer page; or the 3 pyTableName to the System database schema...

6.2AI score0.03503EPSS
Exploits4References3
exploitpack
exploitpack
added 2017/07/18 12:0 a.m.60 views

PEGA Platform 7.2 ML0 - Missing Access Control Cross-Site Scripting

PEGA Platform 7.2 ML0 - Missing Access Control Cross-Site Scripting Summary ======= 1. Missing access control CVE-2017-11356 2. Multiple cross-site scripting CVE-2017-11355 Vendor ====== "Pegasystems Inc. is the leader in software for customer engagement and operational excellence. Pega’s adaptiv...

4.3CVSS0.03503EPSS
Exploits4
Exploit DB
Exploit DB
added 2017/05/09 12:0 a.m.35 views

Personify360 7.5.2/7.6.1 - Improper Database Schema Access Restrictions

Exploit Title: Discover all tables and columns in database when creating new customer role Date: 3/29/2017 Exploit Author: Pesach Zirkind Vendor Homepage: https://personifycorp.com/ Version: 7.5.2 - 7.6.1 Tested on: Windows all versions CVE : CVE-2017-7314 Category: webapps 1. Description Any...

7.5CVSS7.7AI score0.03331EPSS
Exploits3
Fedora
Fedora
added 2016/06/24 11:18 p.m.17 views

[SECURITY] Fedora 22 Update: mirrormanager-1.4.4-5.fc22

MirrorManager tracks all the content provided on a master mirror server, and that of all public and private mirrors of that content. This package contains the application server, database schema and hosted tools...

9.8CVSS2.3AI score0.03378EPSS
Exploits0
Fedora
Fedora
added 2016/06/24 6:54 p.m.23 views

[SECURITY] Fedora 24 Update: mirrormanager-1.4.4-5.fc24

MirrorManager tracks all the content provided on a master mirror server, and that of all public and private mirrors of that content. This package contains the application server, database schema and hosted tools...

9.8CVSS2.3AI score0.03378EPSS
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.45 views

citrix xencenterweb (xss/sql/rce) Multiple Vulnerabilities

No description provided by source. Secure Network - Security Research Advisory Vuln name: Citrix XenCenterWeb Multiple Vulnerabilities Systems affected: Citrix XenCenterWeb Systems not affected: n/a Severity: High Local/Remote: Remote Vendor URL: http://www.citrix.com Authors: Alberto Trivero...

7.1AI score
Exploits0
Kitploit
Kitploit
added 2014/06/03 7:12 p.m.193 views

Simple SQLi Dumper v5.1 - Tool to find bugs, errors or vulnerabilities in MySQL database

SSDp is an usefull penetration tool to find bugs, errors or vulnerabilities in MySQL database. Functions SQL Injection Operation System Function Dump Database Extract Database Schema Search Columns Name Read File read only Create File read only Brute Table & Column Download Simple SQLi Dumper v5....

8AI score
Exploits0
Packet Storm
Packet Storm
added 2009/02/11 12:0 a.m.17 views

Rarlab.com SQL Injection

MurderSkillz rarlab.com Home of winrar! = Here is your sql injection =P exposes tableschema - tablename - columnname I am NOT responsible for any stupidity or damage! Learn skiddies! = Fix your shit winrar...

0.3AI score
Exploits0
Cvelist
Cvelist
added 2006/07/14 9:0 p.m.22 views

CVE-2006-3610

index.php in Orbitcoders OrbitMATRIX 1.0 allows remote attackers to obtain sensitive information partial database schema via a modified pagename parameter, which reflects portions of an SQL query in the result. NOTE: it is not clear whether the information is target-specific. If not, then this...

6.5AI score0.01175EPSS
Exploits0References1
Rows per page
Query Builder