Lucene search
K

78 matches found

Openbugbounty
Openbugbounty
added 2018/08/01 8:45 a.m.13 views

divecenterforsale.com XSS vulnerability

Open Bug Bounty ID: OBB-657016 Description| Value ---|--- Affected Website:| divecenterforsale.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
Exploit DB
Exploit DB
added 2017/11/27 12:0 a.m.64 views

Diving Log 6.0 - XML External Entity Injection

Exploit Title: Diving Log 6.0 XXE Injection + Date: 27-11-2017 + Exploit Author: Trent Gordon + Vendor Homepage: http://www.divinglog.de + Software Link: http://www.divinglog.de/english/download/ + Disclosed at: https://thenopsled.com/divinglog.txt + Version: 6.0 + Tested on: Windows 7 SP1,...

5.5CVSS5.5AI score0.03663EPSS
Exploits5
Openbugbounty
Openbugbounty
added 2017/11/08 6:19 p.m.9 views

dive-arena.ru Open Redirect vulnerability

Open Bug Bounty ID: OBB-401600 Description| Value ---|--- Affected Website:| dive-arena.ru Vulnerable Application:| Custom Code Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| 3.4 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N Remediation Guide:| OWASP Open Redirect Cheat Sheet Vulnerab...

6.9AI score
Exploits0
CNVD
CNVD
added 2017/09/13 12:0 a.m.2 views

Blackware Dive Assistant XML External Entity Injection Vulnerability

Blackware Dive Assistant desktop version is a suite of dive assistant software from Blackware UK. The software is used to record, analyze and plan dive tools, dive tables etc. An XML external entity injection vulnerability exists in version 8.0 of Blackware Dive Assistant Desktop Edition. A remot...

5.5CVSS7.1AI score0.02208EPSS
Exploits3References1
OSV
OSV
added 2017/09/12 6:29 p.m.4 views

CVE-2017-8918

XXE in Dive Assistant - Template Builder in Blackwave Dive Assistant - Desktop Edition 8.0 allows attackers to remotely view local files via a crafted template.xml file...

5.5CVSS5.8AI score0.02208EPSS
Exploits3References1
NVD
NVD
added 2017/09/12 6:29 p.m.17 views

CVE-2017-8918

XXE in Dive Assistant - Template Builder in Blackwave Dive Assistant - Desktop Edition 8.0 allows attackers to remotely view local files via a crafted template.xml file...

5.5CVSS5.2AI score0.02208EPSS
Exploits3References1
Prion
Prion
added 2017/09/12 6:29 p.m.9 views

Design/Logic Flaw

XXE in Dive Assistant - Template Builder in Blackwave Dive Assistant - Desktop Edition 8.0 allows attackers to remotely view local files via a crafted template.xml file...

4.3CVSS5.2AI score0.02208EPSS
Exploits3References1Affected Software1
CVE
CVE
added 2017/09/12 6:0 p.m.54 views

CVE-2017-8918

XXE in Blackwave Dive Assistant – Desktop Edition 8.0 (Dive Assistant Template Builder) allows an attacker to view local files via a crafted template.xml. The vulnerability is XML External Entity (XXE) injection in the template builder that processes XML templates, enabling local-file disclosure....

5.5CVSS5.2AI score0.02208EPSS
Exploits3References1Affected Software1
Cvelist
Cvelist
added 2017/09/12 6:0 p.m.19 views

CVE-2017-8918

XXE in Dive Assistant - Template Builder in Blackwave Dive Assistant - Desktop Edition 8.0 allows attackers to remotely view local files via a crafted template.xml file...

5.2AI score0.02208EPSS
Exploits3References1
exploitpack
exploitpack
added 2017/05/12 12:0 a.m.31 views

Dive Assistant Template Builder 8.0 - XML External Entity Injection

Dive Assistant Template Builder 8.0 - XML External Entity Injection + Exploit Title: Dive Assistant - Template Builder XXE Injection + Date: 12-05-2017 + Exploit Author: Trent Gordon + Vendor Homepage: http://www.blackwave.com/ + Software Link:...

4.3CVSS0.1AI score0.02208EPSS
Exploits3
Exploit DB
Exploit DB
added 2017/05/12 12:0 a.m.31 views

Dive Assistant Template Builder 8.0 - XML External Entity Injection

Exploit Title: Dive Assistant - Template Builder XXE Injection + Date: 12-05-2017 + Exploit Author: Trent Gordon + Vendor Homepage: http://www.blackwave.com/ + Software Link: http://www.diveassistant.com/Products/DiveAssistantDesktop/index.aspx + Version: 8.0 + Tested on: Windows 7 SP1, Windows...

5.5CVSS5.6AI score0.02208EPSS
Exploits3
hackapp
hackapp
added 2016/04/01 9:4 a.m.12 views

Tuscany Dive - Native code usage, Possible privilege escalation, SD-card access vulnerabilities

HackApp vulnerability scanner discovered that application Tuscany Dive published at the 'play' market has multiple vulnerabilities...

1AI score
Exploits0References1Affected Software1
Packet Storm
Packet Storm
added 2015/01/13 12:0 a.m.45 views

Heroku API Deep Dive Script Insertion

Document Title: =============== Heroku API Deep Dive Bug Bounty 3 - Persistent UI Vulnerability References Source: ==================== http://vulnerability-lab.com/getcontent.php?id=1398 BugCrowd ID: 6b37910a3c5685b944a3ad65068aa251af47450953a06b8b13d74b35d708f6b0 Acknowledgement Hall of Fame:...

7.4AI score
Exploits0
NVD
NVD
added 2014/10/04 10:55 a.m.17 views

CVE-2014-6913

The Dive The World aka com.paperton.wl.divetheworld application 1.53 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.4CVSS5.9AI score0.00266EPSS
Exploits0References3
CVE
CVE
added 2014/10/04 10:0 a.m.39 views

CVE-2014-6913

CVE-2014-6913 affects the Android app Dive The World (package com.paperton.wl.divetheworld) version 1.53. The vulnerability is that the app does not verify X.509 certificates from SSL servers, enabling man-in-the-middle attackers to spoof servers and exfiltrate sensitive information via a crafted...

5.4CVSS6AI score0.00266EPSS
Exploits0References3Affected Software1
Fedora
Fedora
added 2014/09/27 9:47 a.m.19 views

[SECURITY] Fedora 20 Update: subsurface-4.2-1.fc20.1

Subsurface is an open source dive log program. Developed in C using GTK+-2.0, glib-2 and libxml-2, it relies on libdivecomputer to connect to the dive computer and thus support all the dive computer supported by libdivecomputer...

6.9CVSS1.8AI score0.00359EPSS
Exploits1
Packet Storm
Packet Storm
added 2010/06/29 12:0 a.m.24 views

Dive Trip Calculator Cross Site Scripting / SQL Injection

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : Inj3ct0r.com 0 1 + Support e-mail :...

0.3AI score
Exploits0
0day.today
0day.today
added 2010/06/29 12:0 a.m.21 views

Dive Trip Calculator Xss & SQL Injection Vulnerabilities

Exploit for php platform in category web applications ======================================================== Dive Trip Calculator Xss & SQL Injection Vulnerabilities ======================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0...

7.1AI score
Exploits0
Rows per page
Query Builder