
7 matches found

OSV
added 2021/04/19 2:52 p.m. | 0 views

GHSA-RP4X-WXQV-CF9M Reflected cross-site scripting in default RouteNotFoundError view in Vaadin 10 and 11-13

Missing output sanitization in default RouteNotFoundError view in com.vaadin:flow-server versions 1.0.0 through 1.0.10 (Vaadin 10.0.0 through 10.0.13), and 1.1.0 through 1.4.2 (Vaadin 11.0.0 through 13.0.5) allows attacker to execute malicious JavaScript via crafted URL. -...

CVSS 6.1 | AI score 6 | EPSS 0.00371
Exploits: 0 | References: 4
OSV
added 2017/12/29 12:0 a.m. | 2 views

UBUNTU-CVE-2017-7846

It is possible to execute JavaScript in the parsed RSS feed when RSS feed is viewed as a website, e.g. via "View - Feed article - Website" or in the standard format of "View - Feed article - default format". This vulnerability affects Thunderbird 52.5.2...

CVSS 8.8 | AI score 7.3 | EPSS 0.01283
Exploits: 0 | References: 4
Citrix
added 2016/09/16 12:0 a.m. | 4 views

How to change default view on storefront website.

When we access Storefront site, the page directly lands to Favorites tab. How to change it?...

AI score 7.1
Exploits: 0
NVD
added 2014/03/14 5:55 p.m. | 14 views

CVE-2013-0300

Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud 4.5.x before 4.5.7 allow remote attackers to hijack the authentication of users for requests that (1) change the default view via the v parameter to apps/calendar/ajax/changeview.php, mount arbitrary (2) Google Drive or (3) Dropbox...

CVSS 6.8 | AI score 7.3 | EPSS 0.00101
Exploits: 0 | References: 1
Prion
added 2014/03/14 5:55 p.m. | 19 views

Cross site request forgery (csrf)

Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud 4.5.x before 4.5.7 allow remote attackers to hijack the authentication of users for requests that (1) change the default view via the v parameter to apps/calendar/ajax/changeview.php, mount arbitrary (2) Google Drive or (3) Dropbox...

CVSS 6.8 | AI score 7.8 | EPSS 0.00101
Exploits: 0 | References: 1 | Affected Software: 1
UbuntuCve
added 2014/03/14 5:55 p.m. | 20 views

CVE-2013-0300

Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud 4.5.x before 4.5.7 allow remote attackers to hijack the authentication of users for requests that (1) change the default view via the v parameter to apps/calendar/ajax/changeview.php, mount arbitrary (2) Google Drive or (3) Dropbox...

CVSS 6.8 | AI score 6 | EPSS 0.00101
Exploits: 0 | References: 2
securityvulns
added 2011/10/10 12:0 a.m. | 39 views

Medium severity flaw with Ark

I recently discovered that the Ark archiving tool is vulnerable to directory traversal via malformed. When attempts are made to view files within the malformed Zip file in Ark's default view, the wrong file may be displayed due to incorrect construction of the temporary file name. Whilst this doe...

CVSS 6.8 | AI score 0.7 | EPSS 0.00381
Exploits: 2