Lucene search
K

56 matches found

hackapp
hackapp
added 2016/04/01 9:6 a.m.23 views

Note feather wallpaper - Base64 encoded String, Base64 encoded URLs, Corrupted files vulnerabilities

HackApp vulnerability scanner discovered that application Note feather wallpaper published at the 'play' market has multiple vulnerabilities...

0.4AI score
Exploits0References1Affected Software1
Debian CVE
Debian CVE
added 2013/03/19 10:0 p.m.58 views

CVE-2013-1857

The sanitize helper in lib/actioncontroller/vendor/html-scanner/html/sanitizer.rb in the Action Pack component in Ruby on Rails before 2.3.18, 3.0.x and 3.1.x before 3.1.12, and 3.2.x before 3.2.13 does not properly handle encoded : colon characters in URLs, which makes it easier for remote...

4.3CVSS5.4AI score0.01868EPSS
Exploits0
OpenVAS
OpenVAS
added 2012/08/03 12:0 a.m.48 views

Mandriva Update for curl MDVSA-2012:058 (curl)

Check for the Version of curl OpenVAS Vulnerability Test Mandriva Update for curl MDVSA-2012:058 curl Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

7.5CVSS0.73327EPSS
Exploits4References2
securityvulns
securityvulns
added 2010/07/15 12:0 a.m.120 views

CVE-2010-2375: WebLogic Plugin HTTP Injection via Encoded URLs

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 VSR Security Advisory http://www.vsecurity.com/ - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Advisory Name: WebLogic Plugin HTTP Injection via Encoded URLs Release Date: 2010-07-13 Application: WebLogic Plugin...

6.4CVSS5.8AI score0.06509EPSS
Exploits1
Packet Storm
Packet Storm
added 2010/07/14 12:0 a.m.92 views

WebLogic Plugin HTTP Injection Via Encoded URLs

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 VSR Security Advisory http://www.vsecurity.com/ - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Advisory Name: WebLogic Plugin HTTP Injection via Encoded URLs Release Date: 2010-07-13 Application: WebLogic Plugin...

6.4CVSS0.5AI score0.06509EPSS
Exploits1
CVE
CVE
added 2008/05/13 9:0 p.m.175 views

CVE-2008-2168

CVE-2008-2168 : The linked SUSE/NVD entries describe a cross-site scripting (XSS) vulnerability in Apache HTTP Server up to version 2.2.6 and earlier, exploitable via UTF-7 encoded URLs that are mishandled when rendering the 403 Forbidden error page. Attacker-provided URL input can inject arbitra...

4.3CVSS5.4AI score0.54851EPSS
Exploits1References15Affected Software1
Debian CVE
Debian CVE
added 2008/05/13 9:0 p.m.79 views

CVE-2008-2168

Cross-site scripting XSS vulnerability in Apache 2.2.6 and earlier allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded URLs that are not properly handled when displaying the 403 Forbidden error page...

4.3CVSS5.5AI score0.54851EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2006/04/08 12:0 a.m.18 views

GLSA-200604-01 : MediaWiki: XSS vulnerability

The remote host is affected by the vulnerability described in GLSA-200604-01 MediaWiki: XSS vulnerability MediaWiki fails to decode certain encoded URLs correctly. Impact : By supplying specially crafted links, a remote attacker could exploit this vulnerability to inject malicious HTML or...

4.3CVSS5.5AI score0.01749EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2005/03/13 5:0 a.m.31 views

CVE-2002-1599

Removed by vendor...

7.5CVSS7AI score0.01949EPSS
Exploits0
NVD
NVD
added 2005/01/17 5:0 a.m.12 views

CVE-2005-0290

NETGEAR FVS318 running firmware 2.4, and possibly other versions, allows remote attackers to bypass the filters using hex encoded URLs, as demonstrated using a hex encoded file extension...

7.5CVSS6.9AI score0.01986EPSS
Exploits1References7
CERT
CERT
added 2002/09/26 12:0 a.m.33 views

DansGuardian content filtering proxy fails to adequately validate user input thereby allowing user to access restricted site via hex encoded URLs

Overview DansGuardian does not properly filter Description DansGuardian is an HTTP proxy server based on Squid and enhanced to filter web content. DansGuardian does not properly process URLs that contain certain unspecified hexadecimal encodings, resulting in incomplete filtering of HTTP response...

7.1AI score
Exploits0References1
NVD
NVD
added 2002/07/23 4:0 a.m.14 views

CVE-2002-1599

DansGuardian before 2.4.5-1 allows remote attackers to bypass content filtering rules via hex-encoded URLs...

7.5CVSS6.7AI score0.01949EPSS
Exploits0References5
Cvelist
Cvelist
added 2002/03/09 5:0 a.m.21 views

CVE-2001-0530

Spearhead NetGAP 200 and 300 before build 78 allow a remote attacker to bypass file blocking and content inspection via specially encoded URLs which include '%' characters...

6.7AI score0.01861EPSS
Exploits1References4
CVE
CVE
added 2002/03/09 5:0 a.m.56 views

CVE-2001-0784

CVE-2001-0784 refers to a directory traversal flaw in Icecast 1.3.10 and earlier. The OpenVAS/Nessus-derived data confirms that an attacker can use specially crafted URLs to read arbitrary files on the affected system due to insufficient input sanitization. The vulnerability affects Icecast’s web...

5CVSS6.4AI score0.09357EPSS
Exploits1References7Affected Software1
CVE
CVE
added 2002/03/09 5:0 a.m.42 views

CVE-2001-0530

Spearhead NetGAP 200 and 300 before build 78 are affected by a remote exploit that bypasses file blocking and content inspection via specially encoded URLs containing '%' characters. Impact is partial confidentiality according to CVSS v2. No explicit remediation is provided in the available docum...

5CVSS7.1AI score0.01861EPSS
Exploits1References4Affected Software2
NVD
NVD
added 2000/10/20 4:0 a.m.12 views

CVE-2000-0787

IRC Xchat client versions 1.4.2 and earlier allows remote attackers to execute arbitrary commands by encoding shell metacharacters into a URL which XChat uses to launch a web browser...

7.5CVSS7.7AI score0.09211EPSS
Exploits0References5
Rows per page
Query Builder