Lucene search
K

4 matches found

OSV
OSV
added 2023/08/15 10:15 p.m.7 views

CVE-2023-39851

webchess v1.0 was discovered to contain a SQL injection vulnerability via the $playerID parameter at mainmenu.php. NOTE: this is disputed by a third party who indicates that the playerID is a session variable controlled by the server, and thus cannot be used for exploitation...

9.8CVSS5.8AI score0.00708EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:12 a.m.5 views

SUSE CVE-2019-11388

An issue was discovered in OWASP ModSecurity Core Rule Set CRS through 3.1.0. /rules/REQUEST-932-APPLICATION-ATTACK-RCE.conf allows remote attackers to cause a denial of service ReDOS by entering a specially crafted string with nested repetition operators. NOTE: the software maintainer disputes...

5.3CVSS5.6AI score0.01625EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:12 a.m.7 views

SUSE CVE-2019-11389

An issue was discovered in OWASP ModSecurity Core Rule Set CRS through 3.1.0. /rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf allows remote attackers to cause a denial of service ReDOS by entering a specially crafted string with next at the beginning and nested repetition operators. NOTE: the...

5.3CVSS5.6AI score0.01671EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2022/10/26 12:0 a.m.2 views

PT-2022-7468 · Ruby On Rails +2 · Action Pack +2

Name of the Vulnerable Software and Affected Versions: actionpack affected versions not specified Description: The issue is related to the incorrect neutralization of input data during web page generation, potentially leading to cross-site scripting. It affects the file actionpack/lib/action...

5.5CVSS6.2AI score0.0068EPSS
Exploits1References23
Rows per page
Query Builder