
8690 matches found

Cvelist
added 2018/03/28 4:00 a.m., 25 views

CVE-2018-9107

CSV Injection aka Excel Macro Injection or Formula Injection exists in the export feature in the Acyba AcyMailing extension before 5.9.6 for Joomla! via a value that is mishandled in a CSV export...

8.8 AI score, 0.07419 EPSS
Exploits 5, References 4

n0where
added 2018/03/18 3:19 p.m., 37 views

Next Generation Graphical Network Analyzer: Deplug

Deplug is a graphical network analyzer powered by web technologies. Features: Cross-Platform (macOS, Linux, Windows), Web-based UI, Built-in Package Manager, SDK for JavaScript and Rust, Concurrency Support. Import / Export: Deplug supports the following formats by default. Pcap File .pcap Preferences...

7.2 AI score
Exploits 0, References 1

CNVD
added 2018/03/06 12:00 a.m., 2 views

Zonemaster Web GUI Cross-Site Scripting Vulnerability

Zonemaster Web GUI is an open source Web graphical user interface in the Zonemaster project. A cross-site scripting vulnerability exists in the lib/Zonemaster/GUI/Dancer/Export.pm file in Zonemaster Web GUI. A remote attacker can exploit this vulnerability to inject arbitrary Web script or HTML...

6.1 CVSS, 6.3 AI score, 0.01228 EPSS
Exploits 0, References 1

Prion
added 2018/03/04 1:29 a.m., 14 views

Cross site scripting

lib/Zonemaster/GUI/Dancer/Export.pm in Zonemaster Web GUI before 1.0.11 has XSS...

4.3 CVSS, 6.3 AI score, 0.01228 EPSS
Exploits 0, References 4, Affected Software 1

CVE
added 2018/03/04 1:00 a.m., 36 views

CVE-2018-7652

CVE-2018-7652 affects Zonemaster Web GUI, specifically lib/Zonemaster/GUI/Dancer/Export.pm, with a cross-site scripting (XSS) vulnerability present in versions before 1.0.11. The issue is triggered by unsanitized data in the Export.pm component, enabling injection of arbitrary script or HTML. Pub...

6.1 CVSS, 6.2 AI score, 0.01228 EPSS
Exploits 0, References 4, Affected Software 1

Fedora
added 2018/03/01 3:58 p.m., 25 views

[SECURITY] Fedora 26 Update: phpMyAdmin-4.7.8-1.fc26

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface (managing databases, tables, fields, relations, indexes, users, permissions), while you still have the ability to directly...

5.4 CVSS, 1.3 AI score, 0.01618 EPSS
Exploits 1

Qualys Blog
added 2018/02/20 6:36 p.m., 56 views

Qualys Cloud Platform 2.32 New Features

This release of the Qualys Cloud Platform version 2.32 includes updates and new features for AssetView, EC2 Connector, File Integrity Monitoring, Indication of Compromise, Security Assessment Questionnaire, Web Application Scanning, and Web Application Firewall, highlights as follows. Post update...

7 AI score
Exploits 0

OSV
added 2018/02/09 11:29 p.m., 0 views

UBUNTU-CVE-2018-1000028

Linux kernel version after commit bdcf0a423ea1 - 4.15-rc4+, 4.14.8+, 4.9.76+, 4.4.111+ contains an Incorrect Access Control vulnerability in NFS server nfsd that can result in remote users reading or writing files they should not be able to via NFS. This attack appears to be exploitable via NFS...

7.4 CVSS, 6.8 AI score, 0.01411 EPSS
Exploits 0, References 2

CNVD
added 2018/02/09 12:00 a.m., 3 views

Quest NetVault Backup Denial of Service Vulnerability

Quest NetVault Backup is a scalable data backup and recovery solution for organizations with multiple IT environments. A denial of service vulnerability exists in the handling of Export requests in Quest NetVault Backup 11.2.0.13. The vulnerability arises due to a failure to properly validate a...

8.5 CVSS, 6.8 AI score, 0.05029 EPSS
Exploits 0, References 1

OSV
added 2018/02/08 6:29 p.m., 5 views

CVE-2018-1162

This vulnerability allows remote attackers to create a denial-of-service condition on vulnerable installations of Quest NetVault Backup 11.2.0.13. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be easily bypassed. The specific flaw...

8.1 CVSS, 5.8 AI score, 0.05029 EPSS
Exploits 0, References 1

Prion
added 2018/02/08 6:29 p.m., 13 views

Design/Logic Flaw

This vulnerability allows remote attackers to create a denial-of-service condition on vulnerable installations of Quest NetVault Backup 11.2.0.13. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be easily bypassed. The specific flaw...

8.5 CVSS, 8 AI score, 0.05029 EPSS
Exploits 0, References 1, Affected Software 1

Cvelist
added 2018/02/08 6:00 p.m., 14 views

CVE-2018-1162

This vulnerability allows remote attackers to create a denial-of-service condition on vulnerable installations of Quest NetVault Backup 11.2.0.13. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be easily bypassed. The specific flaw...

8.1 AI score, 0.05029 EPSS
Exploits 0, References 1

0day.today
added 2018/02/07 12:00 a.m., 1109 views

Uniview - Remote Command Execution / Export Config (PoC) Vulnerability

Exploit for multiple platform in category remote exploits STX Subject: Uniview RCE and export config PoC Researcher: bashis October 2017 Attack Vector: Remote Authentication: Anonymous no credentials needed Export config...

7.1 AI score
Exploits 0

CNVD
added 2018/01/30 12:00 a.m., 5 views

WordPress Email Subscribers & Newsletters Plugin Information Disclosure Vulnerability

WordPress is a blogging platform developed by the WordPress Software Foundation using the PHP language, which supports personal blog sites on PHP and MySQL servers. The Email Subscribers & Newsletters plugin is one of its push message plugins. An information disclosure vulnerability exists in...

7.5 CVSS, 6.1 AI score, 0.03277 EPSS
Exploits 2, References 1

OSV
added 2018/01/26 8:29 p.m., 4 views

CVE-2018-6015

An issue was discovered in the "Email Subscribers & Newsletters" plugin before 3.4.8 for WordPress. Sending an HTTP POST request to a URI with /?es=export at the end, and adding option=viewallsubscribers in the body, allows downloading of a CSV data file with all subscriber data...

7.5 CVSS, 5.8 AI score, 0.03277 EPSS
Exploits 2, References 3

Kitploit
added 2018/01/26 12:47 p.m., 17 views

Wavecrack - Web Interface For Password Cracking With Hashcat

A user-friendly Web interface to share a hashcat cracking box among multiple users with some pre-defined options. Screenshots: The homepage; Adding a hash to crack; Seeing the results and some stats. Outline: This Web application can be used to launch asynchronous password cracks with hashcat. The...

7.2 AI score
Exploits 0, References 11

NVD
added 2018/01/23 6:29 a.m., 16 views

CVE-2017-18049

In the CSV export feature of SilverStripe before 3.5.6, 3.6.x before 3.6.3, and 4.x before 4.0.1, it's possible for the output to contain macros and scripts, which may be executed if imported without sanitization into common software including Microsoft Excel. For example, the CSV data may contai...

5.5 CVSS, 5.4 AI score, 0.00916 EPSS
Exploits 1, References 2

Prion
added 2018/01/23 6:29 a.m., 14 views

Design/Logic Flaw

In the CSV export feature of SilverStripe before 3.5.6, 3.6.x before 3.6.3, and 4.x before 4.0.1, it's possible for the output to contain macros and scripts, which may be executed if imported without sanitization into common software including Microsoft Excel. For example, the CSV data may contai...

4.3 CVSS, 5.4 AI score, 0.00916 EPSS
Exploits 1, References 2, Affected Software 1

OSV
added 2018/01/23 6:29 a.m., 14 views

CVE-2017-18049

In the CSV export feature of SilverStripe before 3.5.6, 3.6.x before 3.6.3, and 4.x before 4.0.1, it's possible for the output to contain macros and scripts, which may be executed if imported without sanitization into common software including Microsoft Excel. For example, the CSV data may contai...

5.5 CVSS, 5.7 AI score
Exploits 0, References 2

Cvelist
added 2018/01/23 6:00 a.m., 21 views

CVE-2017-18049

In the CSV export feature of SilverStripe before 3.5.6, 3.6.x before 3.6.3, and 4.x before 4.0.1, it's possible for the output to contain macros and scripts, which may be executed if imported without sanitization into common software including Microsoft Excel. For example, the CSV data may contai...

5.3 AI score, 0.00916 EPSS
Exploits 1, References 2