Lucene search
K

94 matches found

CNNVD
CNNVD
added 2021/03/01 12:0 a.m.7 views

matrix-react-sdk 数据伪造问题漏洞

Travis Ralston matrix-react-sdk is an open source application by Travis Ralston. It is used to insert the Matrix chat/voice client into web pages. A security vulnerability exists in matrix-react-sdk before version 3.15.0, which stems from the possibility that user content sandboxing could be abus...

4.3CVSS5.1AI score0.00922EPSS
Exploits0References6
Hacker One
Hacker One
added 2020/04/04 5:48 a.m.21 views

WHO COVID-19 Mobile App: Improper Input Validation on User's Location on PUT /WhoService/putLocation Could Affect Availability/Falsify Users

Summary: Note: I noticed that that the team has fixed issues like an XSS that's caused only from a header value typically OOS since it's not directly exploitable https://github.com/WorldHealthOrganization/app/pull/855, so in the spirit of this I'm also reporting another "good-to-fix" issue. On th...

6.2AI score
Exploits0
CNVD
CNVD
added 2018/05/16 12:0 a.m.2 views

Rest Devices Mimo Baby Man-in-the-Middle Attack Vulnerability

Rest Devices Mimo Baby is a baby sleep tracker device from Rest Devices UK. A security vulnerability exists in Rest Devices Mimo Baby version 2, which stems from the program failing to properly perform authentication or encryption for Bluetooth Low Energy BLE communication between the Turtle and...

5.3CVSS5.5AI score0.00194EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2015/08/07 12:0 a.m.7 views

The vulnerability of the microprogramming software of the Cisco TelePresence ISDN Gateway allows a perpetrator to access the authentication data of arbitrary users.

The vulnerability of the microprogramming software of the Cisco TelePresence ISDN Gateway relates to the falsification of inter-site requests. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to the authentication data of arbitrary users...

6.8CVSS5.6AI score0.00996EPSS
Exploits0References2
myhack58
myhack58
added 2014/11/23 12:0 a.m.18 views

webwinmail to brute force crack the falsification of any of the mailbox the sender-vulnerability warning-the black bar safety net

First of all, we landed an account test02,as shown: ! 7. png We test01 set up inside a proxy of the sender, here we set another account name called test02 ! 8. png ! 9. png We go to test01 view: ! 1 0. png We violence to crack this CAPTCHA: ! 1 1. png ! 1 2. png Hack is finished, we look at: ! 1 ...

1.1AI score
Exploits0
myhack58
myhack58
added 2014/11/17 12:0 a.m.22 views

PHP WDDX Serializier Data Injection Vulnerability-vulnerability warning-the black bar safety net

PHP WDDX Serializier Data Injection Vulnerability Taoguang Chen - 2014.11.2 PHP in the array is serialized into a WDDX structure of the process, there is no array key name strictly limited, can lead to falsification of the object WDDX structure. i serialize the object PHP in the object is...

0.2AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

Microsoft Internet Explorer 6.0 Meta Data Foreign Domain Spoofing Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10248/info A vulnerability has been reported in Microsoft Internet Explorer that may facilitate certificate spoofing. This issue could aid in attacks which falsify web content to victim users. The cause of the vulnerabili...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.29 views

PhpMyAdmin Client Side 0Day Code Injection and Redirect Link Falsification

No description provided by source. PhpMyAdmin Client Side 0Day Code Injection and Redirect Link Falsification Credits: Emanuele 'emgent' Gentili [email protected] Marco 'whitesheep' Rondini [email protected] Alessandro 'scox' Scoscia [email protected] In error.php, PhpMyAdmi...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2013/04/15 12:0 a.m.200 views

CVE-2013-0798 : World read and write access to app_tmp directory on Android

Fourteenforty Research Institute, Inc. Security Advisory World read and write access to apptmp directory on Firefox for Android 2013/04/02 === Summary === World read and write access to apptmp directory on Firefox for Android allows replacing Firefox add-ons. === Severity === Middle === Affected...

4.3CVSS8.3AI score0.00994EPSS
Exploits0
myhack58
myhack58
added 2011/04/08 12:0 a.m.13 views

Tencent Weibo falsification of information vulnerability, other microblogging is also affected by the impact-vulnerability warning-the black bar safety net

Brief description: Can be forged to anyone on Twitter, April Fools ' day entertainment the vulnerability, we know. Detailed description: In the meager dialogue and the broadcast send: Test || @mA:I'm not mA Can disguise mA huateng participate in the dialogue. Vulnerability to prove: Repair...

0.6AI score
Exploits0
0day.today
0day.today
added 2010/12/07 12:0 a.m.44 views

PhpMyAdmin Client Side 0Day Code Injection and Link Falsification

Exploit for php platform in category web applications ================================================================= PhpMyAdmin Client Side 0Day Code Injection and Link Falsification ================================================================= Credits: Emanuele 'emgent' Gentili Marco...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2010/12/06 12:0 a.m.21 views

phpMyAdmin - Client-Side Code Injection Redirect Link Falsification

phpMyAdmin - Client-Side Code Injection Redirect Link Falsification PhpMyAdmin Client Side 0Day Code Injection and Redirect Link Falsification Credits: Emanuele 'emgent' Gentili Marco 'whitesheep' Rondini Alessandro 'scox' Scoscia In error.php, PhpMyAdmin permit to insert text and restricted tag,...

Exploits0
Packet Storm
Packet Storm
added 2007/09/26 12:0 a.m.25 views

jspwiki-xss.txt

Application: JSPWiki Multiple Vulnerabilities Version: 2.4.103 and 2.5.139 Credit: Jason Kratzer Date: 9/24/2007 Background ------------------------------------------------------------ JSPWiki is wiki software built around the standard J2EE components of Java, servlets and JSP. It was written by...

7.4AI score
Exploits0
Prion
Prion
added 2006/02/23 11:2 p.m.19 views

Crlf injection

Multiple unspecified injection vulnerabilities in unspecified Auth Container back ends for PEAR::Auth before 1.2.4, and 1.3.x before 1.3.0r4, allow remote attackers to "falsify authentication credentials," related to the "underlying storage containers."...

7.5CVSS7.6AI score0.02449EPSS
Exploits0References10Affected Software1
Rows per page
Query Builder