Lucene search
K

15 matches found

CNVD
CNVD
added 2025/02/10 12:0 a.m.20 views

Cisco Identity Services Engine Cross-Site Scripting Vulnerability (CNVD-2025-03533)

Cisco Identity Services Engine is an environment-aware platform from the U.S. company Cisco Cisco. A cross-site scripting vulnerability exists in the Cisco Identity Services Engine WEB interface, which can be exploited by a remote attacker to inject malicious script or HTML code, which can be use...

4.8CVSS5.6AI score0.00314EPSS
Exploits0References1
CNVD
CNVD
added 2021/10/12 12:0 a.m.17 views

IR615 Router Cross-Site Scripting Vulnerability (CNVD-2021-82946)

The IR615 Router is a 4G industrial router from Rimu Technologies, China. IR615 Router has a cross-site scripting vulnerability that could be exploited to hijack user sessions connected to the system...

3.5CVSS1.7AI score0.00537EPSS
Exploits0
Veracode
Veracode
added 2020/04/10 1:6 a.m.21 views

Authorization Bypass

modcluster is vulnerable to authorization bypass. The vulnerability exists as it was found that modcluster allowed worker nodes to register on any virtual host vhost, regardless of the security constraints applied to other vhosts. In a typical environment, there will be one vhost configured...

7.5CVSS2.7AI score0.03197EPSS
Exploits1References18Affected Software2
Prion
Prion
added 2018/06/18 6:29 p.m.11 views

Session fixation

A session fixation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to hijack user sessions with a specially crafted request...

5CVSS7.5AI score0.01334EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2018/06/18 6:0 p.m.40 views

CVE-2018-9026

CA Privileged Access Manager 2.x is affected by CVE-2018-9026, a session fixation vulnerability that could allow remote attackers to hijack user sessions via a specially crafted request. The CNVD/NVD entries confirm the affected product version (2.x) and the vulnerability class but do not provide...

7.5CVSS7.4AI score0.01334EPSS
Exploits0References2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 5:12 a.m.25 views

Security Bulletin: Rational Test Control Panel in Rational Test Workbench and Rational Test Virtualization Server affected by multiple Apache Tomcat vulnerabilities

Summary Apache Tomcat is vulnerable to a number of security issues affecting the Rational Test Control Panel component in IBM Rational Test Workbench and Rational Test Virtualization Server. Vulnerability Details CVE-ID: CVE-2015-5345 Description: Apache Tomcat could allow a remote attacker to...

8.8CVSS0.5AI score0.1838EPSS
Exploits0Affected Software2
exploitpack
exploitpack
added 2017/05/25 12:0 a.m.77 views

Sophos Cyberoam - Cross-site scripting

Sophos Cyberoam - Cross-site scripting Exploit Title: Sophos Cyberoam – Cross-site scripting XSS vulnerability Date: 25/05/2017 Exploit Author: Bhadresh Patel Version: = Firmware Version 10.6.4 CVE : CVE-2016-9834 This is an article with video tutorial for Sophos Cyberoam – Cross-site scripting X...

4.3CVSS0.1AI score0.01827EPSS
Exploits3
GitLab Advisory Database
GitLab Advisory Database
added 2016/04/01 12:0 a.m.37 views

Cross-site request forgery

Administrate::ApplicationController actions don't have CSRF protection. Remote attackers can hijack user's sessions and use any functionality that administrate exposes on their behalf...

5.4CVSS4.9AI score0.00316EPSS
Exploits0References3Affected Software1
exploitpack
exploitpack
added 2009/11/10 12:0 a.m.27 views

CuteNews 1.4.6 editnews Module - doeditnews Action Admin Moderation Bypass

CuteNews 1.4.6 editnews Module - doeditnews Action Admin Moderation Bypass source: https://www.securityfocus.com/bid/36971/info CuteNews and UTF-8 CuteNews are prone to multiple vulnerabilities, including cross-site scripting, HTML-injection, information-disclosure, arbitrary-script-injection, an...

Exploits0
exploitpack
exploitpack
added 2009/11/10 12:0 a.m.26 views

CuteNews 1.4.6 - result Cross-Site Scripting

CuteNews 1.4.6 - result Cross-Site Scripting source: https://www.securityfocus.com/bid/36971/info CuteNews and UTF-8 CuteNews are prone to multiple vulnerabilities, including cross-site scripting, HTML-injection, information-disclosure, arbitrary-script-injection, and security-bypass issues. Note...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2009/11/10 12:0 a.m.22 views

CuteNews 1.4.6 - from_date_day Full Path Disclosure

CuteNews 1.4.6 - fromdateday Full Path Disclosure source: https://www.securityfocus.com/bid/36971/info CuteNews and UTF-8 CuteNews are prone to multiple vulnerabilities, including cross-site scripting, HTML-injection, information-disclosure, arbitrary-script-injection, and security-bypass issues...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2009/11/10 12:0 a.m.20 views

CuteNews 1.4.6 - search.php Multiple Cross-Site Scripting Vulnerabilities

CuteNews 1.4.6 - search.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/36971/info CuteNews and UTF-8 CuteNews are prone to multiple vulnerabilities, including cross-site scripting, HTML-injection, information-disclosure, arbitrary-script-injection, and...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2009/11/10 12:0 a.m.33 views

CuteNews 1.4.6 - 'from_date_day' Full Path Disclosure

source: https://www.securityfocus.com/bid/36971/info CuteNews and UTF-8 CuteNews are prone to multiple vulnerabilities, including cross-site scripting, HTML-injection, information-disclosure, arbitrary-script-injection, and security-bypass issues. Note that exploits for some of the issues may...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2009/11/10 12:0 a.m.37 views

CuteNews 1.4.6 editnews Module - doeditnews Action Admin Moderation Bypass

source: https://www.securityfocus.com/bid/36971/info CuteNews and UTF-8 CuteNews are prone to multiple vulnerabilities, including cross-site scripting, HTML-injection, information-disclosure, arbitrary-script-injection, and security-bypass issues. Note that exploits for some of the issues may...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2006/02/02 12:0 a.m.27 views

UebiMiauXSS.txt

I.Vulnerability UebiMiau Webmail System Cross Site Scripting Vulnerability II.Vendor Aldoir Ventura III.Affected Systems UebiMiau 2.7.9 latest release and probably previous versions. IV.About UebiMiau is a simple, yet efficient mail reader webmail supporting both IMAP and POP3 without dependence ...

7.4AI score
Exploits0
Rows per page
Query Builder