5125 matches found

Cvelist
added 2018/07/27 6:0 p.m. · 31 views

CVE-2017-2658

It was discovered that the Dashbuilder login page as used in Red Hat JBoss BPM Suite before 6.4.2 and Red Hat JBoss Data Virtualization & Services before 6.4.3 could be opened in an IFRAME, which made it possible to intercept and manipulate requests. An attacker could use this flaw to trick a use...

2.6 CVSS · 6.4 AI score · 0.0148 EPSS
Exploits: 0 · References: 4

Positive Technologies
added 2018/07/27 12:0 a.m. · 8 views

PT-2018-7163 · Red Hat · Red Hat Jboss Data Virtualization & Services +1

Name of the Vulnerable Software and Affected Versions: Red Hat JBoss BPM Suite versions prior to 6.4.2; Red Hat JBoss Data Virtualization & Services versions prior to 6.4.3. Description: A security issue was found in the Dashbuilder login page, which could be opened in an IFRAME. This allowed for t...

6.5 CVSS · 5.3 AI score · 0.0148 EPSS
Exploits: 0 · References: 5

Hacker One
added 2018/07/25 6:50 a.m. · 19 views

Augur: Augur UI data can be completely replaced by an attacker which can lead to fund and reputation loss

Summary: A third party attacking site can fake UI data - markets, categories and other. Description: A third party site can include a hidden iframe which can override "augur-node" configuration variable of a running augur application. This variable is persisted in localStorage. In the case of...

0.2 AI score
Exploits: 0

RedHat Linux
added 2018/07/23 7:28 p.m. · 4 views

Dashbuilder: Lack of clickjacking protection on the login page

It was discovered that the Dashbuilder login page could be opened in an IFRAME, which made it possible to intercept and manipulate requests. An attacker could use this flaw to trick a user into performing arbitrary actions in the Console (clickjacking)...

6.5 CVSS · 5.9 AI score · 0.0148 EPSS
Exploits: 0 · References: 4

Openbugbounty
added 2018/07/22 12:25 p.m. · 9 views

posizionamento-seo.com IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-652387

| Description | Value |
|---|---|
| Affected Website: | posizionamento-seo.com |
| Open Bug Bounty Program: | Create your bounty program now. It's open and free. |
| Vulnerable Application: | Custom Code |
| Vulnerability Type: | Iframe Injection / CWE-79 |
| CVSSv3 Score: | 6.1... |

Exploits: 0

Openbugbounty
added 2018/07/21 3:7 p.m. · 8 views

liztid.com IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-651639

| Description | Value |
|---|---|
| Affected Website: | liztid.com |
| Open Bug Bounty Program: | Create your bounty program now. It's open and free. |
| Vulnerable Application: | Custom Code |
| Vulnerability Type: | Iframe Injection / CWE-79 |
| CVSSv3 Score: | 6.1... |

Exploits: 0

OSV
added 2018/07/20 10:29 p.m. · 6 views

CVE-2018-3771

An XSS in statics-server <= 0.0.9 can be used via injected iframe in the filename when statics-server displays directory index in the browser...

6.1 CVSS · 5.8 AI score · 0.00922 EPSS
Exploits: 1 · References: 1

NVD
added 2018/07/20 10:29 p.m. · 16 views

CVE-2018-3771

An XSS in statics-server <= 0.0.9 can be used via injected iframe in the filename when statics-server displays directory index in the browser...

6.1 CVSS · 6 AI score · 0.00922 EPSS
Exploits: 1 · References: 1

Positive Technologies
added 2018/07/20 12:0 a.m. · 3 views

PT-2018-16189 · Unknown · Statics-Server

Name of the Vulnerable Software and Affected Versions: statics-server versions 0.0.0 through 0.0.9. Description: The issue is related to a Cross-Site Scripting (XSS) vulnerability. It occurs when statics-server displays a directory index in the browser and an attacker injects an iframe in the...

6.1 CVSS · 5.8 AI score · 0.00922 EPSS
Exploits: 1 · References: 3

Openbugbounty
added 2018/07/18 1:57 p.m. · 14 views

aomss.org.sg IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-649484

| Description | Value |
|---|---|
| Affected Website: | aomss.org.sg |
| Open Bug Bounty Program: | Create your bounty program now. It's open and free. |
| Vulnerable Application: | Custom Code |
| Vulnerability Type: | Iframe Injection / CWE-79 |
| CVSSv3 Score: | 6.1... |

Exploits: 0

Openbugbounty
added 2018/07/15 6:8 a.m. · 10 views

rj.gov.br IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-647977

| Description | Value |
|---|---|
| Affected Website: | rj.gov.br |
| Open Bug Bounty Program: | Create your bounty program now. It's open and free. |
| Vulnerable Application: | Custom Code |
| Vulnerability Type: | Iframe Injection / CWE-79 |
| CVSSv3 Score: | 6.1... |

Exploits: 0

Openbugbounty
added 2018/07/15 5:24 a.m. · 17 views

sp.senac.br IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-647968

| Description | Value |
|---|---|
| Affected Website: | sp.senac.br |
| Open Bug Bounty Program: | Create your bounty program now. It's open and free. |
| Vulnerable Application: | Custom Code |
| Vulnerability Type: | Iframe Injection / CWE-79 |
| CVSSv3 Score: | 6.1... |

Exploits: 0

Openbugbounty
added 2018/07/15 4:56 a.m. · 8 views

salutis.com.br IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-647955

| Description | Value |
|---|---|
| Affected Website: | salutis.com.br |
| Open Bug Bounty Program: | Create your bounty program now. It's open and free. |
| Vulnerable Application: | Custom Code |
| Vulnerability Type: | Iframe Injection / CWE-79 |
| CVSSv3 Score: | 6.1... |

Exploits: 0

Openbugbounty
added 2018/07/15 4:51 a.m. · 11 views

bravox.com.br IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-647954

| Description | Value |
|---|---|
| Affected Website: | bravox.com.br |
| Open Bug Bounty Program: | Create your bounty program now. It's open and free. |
| Vulnerable Application: | Custom Code |
| Vulnerability Type: | Iframe Injection / CWE-79 |
| CVSSv3 Score: | 6.1... |

Exploits: 0

Openbugbounty
added 2018/07/12 3:27 p.m. · 14 views

mercurio.detran.pa.gov.br IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-645729

| Description | Value |
|---|---|
| Affected Website: | mercurio.detran.pa.gov.br |
| Open Bug Bounty Program: | Create your bounty program now. It's open and free. |
| Vulnerable Application: | Custom Code |
| Vulnerability Type: | Iframe Injection / CWE-79 |
| CVSSv3 Score: | 6.1... |

Exploits: 0

Openbugbounty
added 2018/07/12 3:25 p.m. · 14 views

www2.detran.pa.gov.br IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-645728

| Description | Value |
|---|---|
| Affected Website: | www2.detran.pa.gov.br |
| Open Bug Bounty Program: | Create your bounty program now. It's open and free. |
| Vulnerable Application: | Custom Code |
| Vulnerability Type: | Iframe Injection / CWE-79 |
| CVSSv3 Score: | 6.1... |

Exploits: 0

Wallarm Lab
added 2018/07/10 4:7 p.m. · 60 views

Neatly bypassing CSP

How to trick CSP in letting you run whatever you want. By bo0om, Wallarm research. Content Security Policy or CSP is a built-in browser technology which helps protect from attacks such as cross-site scripting (XSS). It lists and describes paths and sources, from which the browser can safely load...

6.2 AI score
Exploits: 0

Openbugbounty
added 2018/07/09 9:21 p.m. · 14 views

kager.net IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-643635

| Description | Value |
|---|---|
| Affected Website: | kager.net |
| Open Bug Bounty Program: | Create your bounty program now. It's open and free. |
| Vulnerable Application: | Custom Code |
| Vulnerability Type: | Iframe Injection / CWE-79 |
| CVSSv3 Score: | 6.1... |

Exploits: 0

Veracode
added 2018/07/05 5:21 a.m. · 14 views

Cross-site Scripting (XSS)

buttle is vulnerable to cross-site scripting (XSS) attacks. The library does not sanitize filenames, allowing a malicious user to inject and execute arbitrary JavaScript using an iframe tag as a filename...

6.1 CVSS · 6 AI score · 0.01172 EPSS
Exploits: 0 · References: 2 · Affected Software: 1

The Hacker News
added 2018/07/04 8:10 a.m. · 63 views

CoinHive URL Shortener Abused to Secretly Mine Cryptocurrency Using Hacked Sites

Security researchers have been warning about a new malicious campaign that leverages an alternative scheme to mine cryptocurrencies without directly injecting the infamous CoinHive JavaScript into thousands of hacked websites. Coinhive is a popular browser-based service that offers website owners...

0.9 AI score
Exploits: 0