Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

23 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2019-4366

Malware in sbrugna...

6.1CVSS6.8AI score0.00195EPSS
Exploits2References4
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2019-4357

Malware in sbrugna...

6.1CVSS6.3AI score0.00234EPSS
Exploits1References4
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2019-4367

Malware in sbrugna...

8.8CVSS6.8AI score0.00227EPSS
Exploits2References4
NVD
NVDadded 2020/07/14 8:15 p.m.9 views

CVE-2019-12773

An issue was discovered in Verint Impact 360 15.1. At wfo/help/helppopup.jsp, the helpURL parameter can be changed to embed arbitrary content inside of an iFrame. Attackers may use this in conjunction with social engineering to embed malicious scripts or phishing pages on a site where this produc...

6.1CVSS0.00234EPSS
Exploits1References2
NVD
NVDadded 2020/07/14 8:15 p.m.9 views

CVE-2019-12783

An issue was discovered in Verint Impact 360 15.1. At wfo/control/signin, the rd parameter can accept a URL, to which users will be redirected after a successful login. In conjunction with CVE-2019-12784, this can be used by attackers to "crowdsource" bruteforce login attempts on the target site,...

6.1CVSS0.00195EPSS
Exploits2References2
OSV
OSVadded 2020/07/14 8:15 p.m.1 views

CVE-2019-12784

An issue was discovered in Verint Impact 360 15.1. At wfo/control/signin, the login form can accept submissions from external websites. In conjunction with CVE-2019-12783, this can be used by attackers to "crowdsource" bruteforce login attempts on the target site, allowing them to guess and...

8.8CVSS6.7AI score0.00227EPSS
Exploits2References2
OSV
OSVadded 2020/07/14 8:15 p.m.1 views

CVE-2019-12783

An issue was discovered in Verint Impact 360 15.1. At wfo/control/signin, the rd parameter can accept a URL, to which users will be redirected after a successful login. In conjunction with CVE-2019-12784, this can be used by attackers to "crowdsource" bruteforce login attempts on the target site,...

6.1CVSS6.7AI score0.00195EPSS
Exploits2References2
OSV
OSVadded 2020/07/14 8:15 p.m.1 views

CVE-2019-12773

An issue was discovered in Verint Impact 360 15.1. At wfo/help/helppopup.jsp, the helpURL parameter can be changed to embed arbitrary content inside of an iFrame. Attackers may use this in conjunction with social engineering to embed malicious scripts or phishing pages on a site where this produc...

6.1CVSS6AI score
Exploits0References2
NVD
NVDadded 2020/07/14 8:15 p.m.9 views

CVE-2019-12784

An issue was discovered in Verint Impact 360 15.1. At wfo/control/signin, the login form can accept submissions from external websites. In conjunction with CVE-2019-12783, this can be used by attackers to "crowdsource" bruteforce login attempts on the target site, allowing them to guess and...

8.8CVSS0.00227EPSS
Exploits2References2
Prion
Prionadded 2020/07/14 8:15 p.m.15 views

Design/Logic Flaw

An issue was discovered in Verint Impact 360 15.1. At wfo/help/helppopup.jsp, the helpURL parameter can be changed to embed arbitrary content inside of an iFrame. Attackers may use this in conjunction with social engineering to embed malicious scripts or phishing pages on a site where this produc...

4.3CVSS6.2AI score0.00234EPSS
Exploits1References2Affected Software1
Prion
Prionadded 2020/07/14 8:15 p.m.16 views

Code injection

An issue was discovered in Verint Impact 360 15.1. At wfo/control/signin, the login form can accept submissions from external websites. In conjunction with CVE-2019-12783, this can be used by attackers to "crowdsource" bruteforce login attempts on the target site, allowing them to guess and...

6.8CVSS6.4AI score0.00227EPSS
Exploits2References2Affected Software1
Prion
Prionadded 2020/07/14 8:15 p.m.14 views

Code injection

An issue was discovered in Verint Impact 360 15.1. At wfo/control/signin, the rd parameter can accept a URL, to which users will be redirected after a successful login. In conjunction with CVE-2019-12784, this can be used by attackers to "crowdsource" bruteforce login attempts on the target site,...

5.8CVSS7.2AI score0.00227EPSS
Exploits2References2Affected Software1
Cvelist
Cvelistadded 2020/07/14 7:27 p.m.9 views

CVE-2019-12773

An issue was discovered in Verint Impact 360 15.1. At wfo/help/helppopup.jsp, the helpURL parameter can be changed to embed arbitrary content inside of an iFrame. Attackers may use this in conjunction with social engineering to embed malicious scripts or phishing pages on a site where this produc...

6.2AI score0.00234EPSS
Exploits1References2
CVE
CVEadded 2020/07/14 7:27 p.m.38 views

CVE-2019-12773

The CVE-2019-12773 issue affects Verint Impact 360 15.1, specifically the wfo/help/help_popup.jsp page where the helpURL parameter can be manipulated to embed arbitrary content inside an iframe. Root cause is improper handling of the helpURL parameter, enabling an attacker to craft a link that co...

6.1CVSS6.2AI score0.00234EPSS
Exploits1References2Affected Software1
Cvelist
Cvelistadded 2020/07/14 7:25 p.m.14 views

CVE-2019-12784

An issue was discovered in Verint Impact 360 15.1. At wfo/control/signin, the login form can accept submissions from external websites. In conjunction with CVE-2019-12783, this can be used by attackers to "crowdsource" bruteforce login attempts on the target site, allowing them to guess and...

6.8AI score0.00227EPSS
Exploits2References2
CVE
CVEadded 2020/07/14 7:25 p.m.48 views

CVE-2019-12784

Verint Impact 360 15.1 (wfo/control/signin) has a login form that accepts submissions from external websites, enabling a possible cross-site flow that, together with CVE-2019-12783, could be used to crowdsource bruteforce login attempts against valid credentials without originating traffic from t...

8.8CVSS6.3AI score0.00227EPSS
Exploits2References2Affected Software1
CVE
CVEadded 2020/07/14 7:22 p.m.46 views

CVE-2019-12783

CVE-2019-12783 (Verint Impact 360 15.1) is an open redirect at wfo/control/signin where the rd parameter can accept a URL, enabling redirection after login. When paired with CVE-2019-12784 (external submissions in the login form), this can be used to crowdsource bruteforce login attempts on the t...

6.1CVSS7.1AI score0.00195EPSS
Exploits2References2Affected Software1
Cvelist
Cvelistadded 2020/07/14 7:22 p.m.16 views

CVE-2019-12783

An issue was discovered in Verint Impact 360 15.1. At wfo/control/signin, the rd parameter can accept a URL, to which users will be redirected after a successful login. In conjunction with CVE-2019-12784, this can be used by attackers to "crowdsource" bruteforce login attempts on the target site,...

6.8AI score0.00195EPSS
Exploits2References2
Packet Storm
Packet Stormadded 2020/07/14 12:0 a.m.308 views

Verint Impact 360 15.1 Script Insertion / HTML Injection

!-- Exploit Title: Verint Impact 360 Open iFrame Date: 7-13-2020 Exploit Author: Ryan Delaney Author Contact: [email protected] Author LinkedIn: https://www.linkedin.com/in/infosecrd/ Vendor Homepage: https://www.verint.com/ Software Link:...

0.2AI score0.00234EPSS
Exploits1
Packet Storm
Packet Stormadded 2020/07/14 12:0 a.m.283 views

Verint Impact 360 15.1 Cross Site Request Forgery

!-- Exploit Title: Verint Impact 360 login CSRF Date: 7-13-2020 Exploit Author: Ryan Delaney Author Contact: [email protected] Author LinkedIn: https://www.linkedin.com/in/infosecrd/ Vendor Homepage: https://www.verint.com/ Software Link:...

0.7AI score0.00227EPSS
Exploits2
Rows per page
Query Builder