Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2006-1440

Malware in sbrugna...

4.3CVSS6.4AI score0.0118EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2006-1441

Malware in sbrugna...

5CVSS6.4AI score0.01392EPSS
Exploits0References5
Veracode
Veracode
added 2022/05/10 4:33 p.m.18 views

XML External Entity (XXE)

WSO2 Carbon Event Publisher is vulnerable to XML External Entity. The vulnerability exists in event receiver and publisher configurations due to not enabling the secure processing feature for XML parsing which allows an attacker to cause parse malicious XML into the system...

6.5CVSS6.3AI score0.01033EPSS
Exploits0References3Affected Software2
securityvulns
securityvulns
added 2006/04/21 12:0 a.m.47 views

[SA19727] @1 Event Publisher Multiple Vulnerabilities

TITLE: @1 Event Publisher Multiple Vulnerabilities SECUNIA ADVISORY ID: SA19727 VERIFY ADVISORY: http://secunia.com/advisories/19727/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting, Exposure of sensitive information WHERE: From remote SOFTWARE: @1 Event Publisher...

0.5AI score
Exploits0
NVD
NVD
added 2006/04/15 11:2 p.m.17 views

CVE-2006-1437

UPOINT @1 Event Publisher stores sensitive information under the web document root with insufifcient access control, which allows remote attackers to read private comments via a direct request to eventpublisher.txt...

5CVSS6.2AI score0.01392EPSS
Exploits0References4
Prion
Prion
added 2006/04/15 11:2 p.m.15 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in UPOINT @1 Event Publisher allow remote attackers to inject arbitrary web script or HTML via the 1 Event, 2 Description, 3 Time, 4 Website, and 5 Public Remarks fields to a eventpublisheradmin.htm and b eventpublisherusersubmit.htm...

4.3CVSS6.1AI score0.0118EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2006/04/15 11:2 p.m.16 views

CVE-2006-1436

Multiple cross-site scripting XSS vulnerabilities in UPOINT @1 Event Publisher allow remote attackers to inject arbitrary web script or HTML via the 1 Event, 2 Description, 3 Time, 4 Website, and 5 Public Remarks fields to a eventpublisheradmin.htm and b eventpublisherusersubmit.htm...

4.3CVSS5.8AI score0.0118EPSS
Exploits0References5
Cvelist
Cvelist
added 2006/04/15 11:0 p.m.22 views

CVE-2006-1437

UPOINT @1 Event Publisher stores sensitive information under the web document root with insufifcient access control, which allows remote attackers to read private comments via a direct request to eventpublisher.txt...

6.2AI score0.01392EPSS
Exploits0References4
CVE
CVE
added 2006/04/15 11:0 p.m.48 views

CVE-2006-1436

CVE-2006-1436 describes multiple cross-site scripting (XSS) vulnerabilities in the UPOINT @1 Event Publisher. The issue allows remote attackers to inject arbitrary web script or HTML via the following fields: Event, Description, Time, Website, and Public Remarks, targeting both the admin page (ev...

4.3CVSS5.8AI score0.0118EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2006/04/15 11:0 p.m.41 views

CVE-2006-1437

The CVE-2006-1437 entry concerns UPOINT @1 Event Publisher where sensitive information is stored under the web document root with insufficient access control. This allows remote attackers to read private comments by requesting eventpublisher.txt directly. Concrete details present in connected reco...

5CVSS6.2AI score0.01392EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2006/04/15 11:0 p.m.17 views

CVE-2006-1436

Multiple cross-site scripting XSS vulnerabilities in UPOINT @1 Event Publisher allow remote attackers to inject arbitrary web script or HTML via the 1 Event, 2 Description, 3 Time, 4 Website, and 5 Public Remarks fields to a eventpublisheradmin.htm and b eventpublisherusersubmit.htm...

5.8AI score0.0118EPSS
Exploits0References5
Rows per page
Query Builder