Lucene search
+L

571 matches found

Openbugbounty
Openbugbounty
added 2017/11/13 1:27 p.m.13 views

gemini-coatings.com XSS vulnerability

Open Bug Bounty ID: OBB-411659 Description| Value ---|--- Affected Website:| gemini-coatings.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Che...

6.4AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/07/01 9:18 p.m.12 views

bielskobiala.geminipark.pl XSS vulnerability

Vulnerable URL: http://bielskobiala.geminipark.pl/1/%22%3E%3Csvg/onload=%22alert'OPENBUGBOUNTY'%22%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 29.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP...

6.2AI score
Exploits0
Packet Storm
Packet Storm
added 2015/09/13 12:0 a.m.46 views

Yahoo Gemini Cross Site Request Forgery

Document Title: =============== Yahoo Bug Bounty 32 - CSRF bulkImport Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1552 Release Date: ============= 2015-09-03 Vulnerability Laboratory ID VL-ID: ==================================== 15...

0.8AI score
Exploits0
ThreatPost
ThreatPost
added 2015/09/11 1:7 p.m.19 views

Researchers Outline Bugs in Yahoo, PayPal, Magento

Researchers recently discovered a smattering of vulnerabilities in web applications and mobile applications belonging to companies like Yahoo, PayPal, Magento, and Shopify that could have led to account theft, session hijacking, and phishing, among other consequences. Hadji Samir, Ebrahim Hegazy,...

7AI score
Exploits0References6
Vulnerability Lab
Vulnerability Lab
added 2015/09/03 12:0 a.m.49 views

Yahoo Bug Bounty #32 - CSRF bulkImport Web Vulnerability

Document Title: =============== Yahoo Bug Bounty 32 - CSRF bulkImport Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1552 Release Date: ============= 2015-09-03 Vulnerability Laboratory ID VL-ID: ==================================== 15...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2015/06/09 12:0 a.m.26 views

DreamBox DM500s Cross Site Scripting

DreamBox DM500s Reflected XSS Vendor: Dream Multimedia GmbH Product web page: http://www.dream-multimedia-tv.de Summary: The Dreambox DM500s is a Linux-powered DVB satellite, terrestrial and cable digital television receivers set-top box. Tested on: Linux Kernel 2.6.9, The Gemini Project, Enigma...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

The Gemini Portal <= 4.7 Insecure Cookie Handling Vulnerability

No description provided by source. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- The Gemini Portal = 4.7 / Insecure Cookie Handling Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Program: The Gemini Portal Version: = 4.7 File affected: admin/...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2011/05/13 12:0 a.m.82 views

DreamBox DM500(+) - Arbitrary File Download

DreamBox DM500+ Arbitrary File Download Vulnerability Vendor: Dream Multimedia GmbH Product web page: http://www.dream-multimedia-tv.de Affected version: DM500, DM500+, DM500HD and DM500S Summary: The Dreambox is a series of Linux-powered DVB satellite, terrestrial and cable digital television...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2011/05/12 12:0 a.m.27 views

DreamBox DM500+ File Download

DreamBox DM500+ Arbitrary File Download Vulnerability Vendor: Dream Multimedia GmbH Product web page: http://www.dream-multimedia-tv.de Affected version: DM500, DM500+, DM500HD and DM500S Summary: The Dreambox is a series of Linux-powered DVB satellite, terrestrial and cable digital television...

0.2AI score
Exploits0
NVD
NVD
added 2009/08/21 2:30 p.m.18 views

CVE-2008-7024

admin.php in Arz Development The Gemini Portal 4.7 and earlier allows remote attackers to bypass authentication and gain administrator privileges by setting the user cookie to "admin" and setting the name parameter to "users."...

6.8CVSS7.1AI score0.02532EPSS
Exploits1References6
Cvelist
Cvelist
added 2009/08/21 2:0 p.m.25 views

CVE-2008-7024

admin.php in Arz Development The Gemini Portal 4.7 and earlier allows remote attackers to bypass authentication and gain administrator privileges by setting the user cookie to "admin" and setting the name parameter to "users."...

7.1AI score0.02532EPSS
Exploits1References6
CVE
CVE
added 2009/08/21 2:0 p.m.42 views

CVE-2008-7024

CVE-2008-7024 affects Arz Development The Gemini Portal 4.7 and earlier. The vulnerability allows remote attackers to bypass authentication and obtain administrator privileges by manipulating the user cookie to the value "admin" and setting the name parameter to "users" in admin.php. The root cau...

6.8CVSS7.3AI score0.02532EPSS
Exploits1References6Affected Software2
NVD
NVD
added 2008/10/23 8:0 p.m.12 views

CVE-2008-4720

Multiple PHP remote file inclusion vulnerabilities in The Gemini Portal 4.7 allow remote attackers to execute arbitrary PHP code via a URL in the lang parameter to 1 page/forums/bottom.php and 2 page/forums/category.php...

9.3CVSS7.7AI score0.03003EPSS
Exploits1References5
Cvelist
Cvelist
added 2008/10/23 6:0 p.m.22 views

CVE-2008-4720

Multiple PHP remote file inclusion vulnerabilities in The Gemini Portal 4.7 allow remote attackers to execute arbitrary PHP code via a URL in the lang parameter to 1 page/forums/bottom.php and 2 page/forums/category.php...

7.7AI score0.03003EPSS
Exploits1References5
CVE
CVE
added 2008/10/23 6:0 p.m.45 views

CVE-2008-4720

The CVE-2008-4720 entry concerns The Gemini Portal 4.7, where the vulnerability is a PHP remote file inclusion. The affected functionality is exposed via the lang parameter to two pages (page/forums/bottom.php and page/forums/category.php), enabling remote code execution on the server. The core i...

9.3CVSS7.7AI score0.03003EPSS
Exploits1References5Affected Software1
securityvulns
securityvulns
added 2008/09/30 12:0 a.m.52 views

The Gemini Portal &lt;= 4.7 / Insecure Cookie Handling Vulnerability

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- The Gemini Portal = 4.7 / Insecure Cookie Handling Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Program: The Gemini Portal Version: = 4.7 File affected: admin/ Download:...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2008/09/27 12:0 a.m.21 views

gemini-rfi.txt

The Gemini Portal Multiple Remote File inj. version: 4.7 ---------------------------------------------------------- Discovered By: ZoRLu Date: 26.09.2008 Home: www.z0rlu.blogspot.com contact: [email protected] contact: [email protected] N0T: TUM iSLAM ALEMiNiN BAYRAMINI KUTLARIM...! N0T: YALNIZLIK,...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2008/09/27 12:0 a.m.6 views

The Gemini Portal &lt;= 4.7 Insecure Cookie Handling Vulnerability

No description provided by source. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- The Gemini Portal = 4.7 / Insecure Cookie Handling Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Program: The Gemini Portal Version: = 4.7 File affected: admin/...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2008/09/27 12:0 a.m.18 views

The Gemini Portal (lang) Remote File Inclusion Vulnerabilities

No description provided by source. The Gemini Portal Multiple Remote File inj. version: 4.7 ---------------------------------------------------------- Discovered By: ZoRLu Date: 26.09.2008 Home: www.z0rlu.blogspot.com contact: [email protected] contact: [email protected] N0T: TUM iSLAM ALEMiNiN...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2008/09/27 12:0 a.m.15 views

gemini-cookie.txt

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- The Gemini Portal eNYe-Sec - www.enye-sec.org Program description by the author website Bug Exploit Note: POST is not checked and you can enter all by GET. Also you can create a simple perl script to send GET and POST packages. Fir...

7.4AI score
Exploits0
Rows per page
Query Builder