Lucene search

6645 matches found

Atlassian
added 2008/02/01 12:29 p.m., 27 views

Project name that contains double-quote is not properly escaped on Issue Navigator page

If a project has a double-quote in its name, it's not xml-escaped when used in "title" attribute. For example, if we have a project named 14" monitors, the html will look like: 14" monitors This causes JIRA Client to hiccup on this page and lose a lot of functionality. On web browser, the title i...

1.6 AI score
Exploits: 0

Atlassian
added 2008/02/01 12:29 p.m., 16 views

Project name that contains double-quote is not properly escaped on Issue Navigator page

If a project has a double-quote in its name, it's not xml-escaped when used in "title" attribute. For example, if we have a project named 14" monitors, the html will look like: 14" monitors This causes JIRA Client to hiccup on this page and lose a lot of functionality. On web browser, the title i...

1.6 AI score
Exploits: 0, Affected Software: 1

Atlassian
added 2008/02/01 12:29 p.m., 25 views

Project name that contains double-quote is not properly escaped on Issue Navigator page

If a project has a double-quote in its name, it's not xml-escaped when used in "title" attribute. For example, if we have a project named 14" monitors, the html will look like: 14" monitors This causes JIRA Client to hiccup on this page and lose a lot of functionality. On web browser, the title i...

1.6 AI score
Exploits: 0, Affected Software: 1

seebug.org
added 2008/01/22 12:0 a.m., 16 views

OZJournals 2.1.1 (id) File Disclosure Vulnerability

No description provided by source. Name: OZJournals 2.1.1 Website: http://www.aqonlinenetworks.com/ Vulnerability type: Local File Exposure Author: shinmai, 2008-01-21 Description: OZJournals uses .php-files as its storage, and posts are read from them with the getcontents-function. This protect...

7.1 AI score
Exploits: 0

Packet Storm
added 2008/01/22 12:0 a.m., 21 views

ozjournals-disclose.txt

Name: OZJournals 2.1.1 Website: http://www.aqonlinenetworks.com/ Vulnerability type: Local File Exposure Author: shinmai, 2008-01-21 Description: OZJournals uses .php-files as its storage, and posts are read from them with the getcontents-function. This protects from traditional LFI-exploits, bu...

7.4 AI score
Exploits: 0

0day.today
added 2008/01/21 12:0 a.m., 18 views

OZJournals 2.1.1 (id) File Disclosure Vulnerability

Exploit for unknown platform in category web applications: OZJournals 2.1.1 id File Disclosure Vulnerability. Name: OZJournals 2.1.1 Website: http://www.aqonlinenetworks.com/ Vulnerability type:...

7.1 AI score
Exploits: 0

exploitpack
added 2008/01/21 12:0 a.m., 14 views

OZJournals 2.1.1 - id File Disclosure

OZJournals 2.1.1 - id File Disclosure Name: OZJournals 2.1.1 Website: http://www.aqonlinenetworks.com/ Vulnerability type: Local File Exposure Author: shinmai, 2008-01-21 Description: OZJournals uses .php-files as its storage, and posts are read from them with the getcontents-function. This...

7.4 AI score
Exploits: 0

Exploit DB
added 2008/01/21 12:0 a.m., 38 views

OZJournals 2.1.1 - 'id' File Disclosure

Name: OZJournals 2.1.1 Website: http://www.aqonlinenetworks.com/ Vulnerability type: Local File Exposure Author: shinmai, 2008-01-21 Description: OZJournals uses .php-files as its storage, and posts are read from them with the getcontents-function. This protects from traditional LFI-exploits, bu...

7.4 AI score
Exploits: 0

NVD
added 2007/12/28 9:46 p.m., 13 views

CVE-2007-6569

Cross-site scripting (XSS) vulnerability in the View Error Log functionality in Sun Java System Web Proxy Server 4.x before 4.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566246...

4.3 CVSS, 5.8 AI score, 0.00565 EPSS
Exploits: 0, References: 6

xssed
added 2007/12/18 12:0 a.m., 11 views

Unfixed XSS vulnerability at www.emiliaromagnalavoro.it

Security researcher Langy has submitted on 18/12/2007 a cross-site-scripting (XSS) vulnerability affecting www.emiliaromagnalavoro.it, which at the time of submission ranked 3937609 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 19/12/2007. It ...

6.6 AI score
Exploits: 0, References: 1

Fedora
added 2007/12/15 7:31 p.m., 12 views

[SECURITY] Fedora 8 Update: xfce4-places-plugin-1.0.0-2.fc8

A menu with quick access to folders, documents, and removable media. The Places plugin brings much of the functionality of GNOME’s Places menu to Xfce. It puts a simple button on the panel. Clicking on this button opens up a menu with 4 sections: 1 System-defined directories home folder,...

1.6 AI score
Exploits: 0

Fedora
added 2007/12/15 7:29 p.m., 11 views

[SECURITY] Fedora 7 Update: xfce4-places-plugin-1.0.0-2.fc7

A menu with quick access to folders, documents, and removable media. The Places plugin brings much of the functionality of GNOME’s Places menu to Xfce. It puts a simple button on the panel. Clicking on this button opens up a menu with 4 sections: 1 System-defined directories home folder,...

1.6 AI score
Exploits: 0

Prion
added 2007/12/15 1:46 a.m., 14 views

Stack overflow

Stack-based buffer overflow in the PassThru functionality in ext.dll in BadBlue 2.72b and earlier allows remote attackers to execute arbitrary code via a long query string...

7.5 CVSS, 8.7 AI score, 0.82776 EPSS
Exploits: 4, References: 9, Affected Software: 1

NVD
added 2007/12/15 1:46 a.m., 25 views

CVE-2007-6377

Stack-based buffer overflow in the PassThru functionality in ext.dll in BadBlue 2.72b and earlier allows remote attackers to execute arbitrary code via a long query string...

7.5 CVSS, 8.1 AI score, 0.82776 EPSS
Exploits: 4, References: 9

xssed
added 2007/12/02 12:0 a.m., 8 views

Unfixed XSS vulnerability at www.oekotest.de

Security researcher TotalSchaden has submitted on 12/02/2007 a cross-site-scripting (XSS) vulnerability affecting www.oekotest.de, which at the time of submission ranked 73185 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 12/02/2007. It is...

Exploits: 0, References: 1

xssed
added 2007/12/02 12:0 a.m., 14 views

Unfixed XSS vulnerability at www.bibel-online.net

Security researcher TotalSchaden has submitted on 12/02/2007 a cross-site-scripting (XSS) vulnerability affecting www.bibel-online.net, which at the time of submission ranked 275395 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 12/02/2007. It ...

Exploits: 0, References: 1

xssed
added 2007/11/27 12:0 a.m., 7 views

Unfixed XSS vulnerability at www.cbidirectory.co.uk

Security researcher Genocide has submitted on 27/11/2007 a cross-site-scripting (XSS) vulnerability affecting www.cbidirectory.co.uk, which at the time of submission ranked 994004 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 29/11/2007. It is...

6.6 AI score
Exploits: 0, References: 1

Tenable Nessus
added 2007/11/16 12:0 a.m., 28 views

RHEL 4 : wireshark (RHSA-2007:0709)

New Wireshark packages that fix various security vulnerabilities and functionality bugs are now available for Red Hat Enterprise Linux 4. Wireshark was previously known as Ethereal. This update has been rated as having low security impact by the Red Hat Security Response Team. Wireshark is a...

7.8 CVSS, 5.3 AI score, 0.26461 EPSS
Exploits: 2, References: 12

Prion
added 2007/11/13 10:46 p.m., 11 views

Design/Logic Flaw

The LOB functionality in PEAR MDB2 before 2.5.0a1 interprets a request to store a URL string as a request to retrieve and store the contents of the URL, which might allow remote attackers to use MDB2 as an indirect proxy or obtain sensitive information via a URL into a form field in an MDB2...

4.3 CVSS, 6.3 AI score, 0.00938 EPSS
Exploits: 0, References: 12, Affected Software: 1

NVD
added 2007/11/13 10:46 p.m., 9 views

CVE-2007-5934

The LOB functionality in PEAR MDB2 before 2.5.0a1 interprets a request to store a URL string as a request to retrieve and store the contents of the URL, which might allow remote attackers to use MDB2 as an indirect proxy or obtain sensitive information via a URL into a form field in an MDB2...

4.3 CVSS, 6.1 AI score, 0.00938 EPSS
Exploits: 0, References: 12