178 matches found
CVE-2016-5889
IBM Interact 8.6, 9.0, 9.1, and 10.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 115085...
Cross site scripting
IBM Interact 8.6, 9.0, 9.1, and 10.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 115084...
Cross site request forgery (csrf)
IBM Interact 8.6, 9.0, 9.1, and 10.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 115085...
CVE-2016-5888
IBM Interact 8.6, 9.0, 9.1, and 10.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 115084...
CVE-2016-5889
IBM Interact 8.6, 9.0, 9.1, and 10.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 115085...
CVE-2016-5888
IBM Interact 8.6, 9.0, 9.1, and 10.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 115084...
CVE-2016-5888
IBM Interact 8.6, 9.0, 9.1, and 10.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 115084...
CVE-2016-5889
IBM Interact 8.6, 9.0, 9.1, and 10.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 115085...
CVE-2016-5889
IBM Interact versions 8.6, 9.0, 9.1, and 10.0 are reported vulnerable to Cross-Site Request Forgery (CSRF) that could enable an attacker to perform malicious and unauthorized actions transmitted from a trusted user. The vulnerability is described as CSRF in the IBM Interact product; no detailed r...
CVE-2016-5888
CVE-2016-5888 corresponds to an XSS vulnerability in IBM Interact Web UI. The affected products are IBM Interact 8.6, 9.0, 9.1, and 10.0. The vulnerability allows an attacker to embed arbitrary JavaScript in the Web UI, potentially altering functionality and leading to credential disclosure withi...
interact.ru XSS vulnerability
Vulnerable URL: http://www.interact.ru/shfilm.php?film=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| Yes, at 23.11.2017 Latest check for patch:| 23.11.2017 10:01 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknow...
Apple Pay: A New Way to Pay
Every September, Apple announces exciting new products that promise to change how we interact with not only our devices, but with the world around us. 2014 has been no exception; in San Francisco this morning, Apple announced the iPhone 6, Apple Watch and Apple Pay. Even though Im excited about t...
Interact 2.4.1 - SQL Injection Vulnerability
No description provided by source. Title: Interact 2.4.1 SQL Injection Title : Interact 2.4.1 SQL Injection Affected Version : Interact = 2.4.1 Vendor Site : http://sourceforge.net/projects/cce-interact/ Discovery : Vulnerabilites : SQL Injection: in search.php file line 44: $searchtermsraw =...
interact 2.4.1 - Multiple Remote File Inclusion Vulnerabilities
No description provided by source. -========================================== ViVa Islam + YeMeN ====================================- Name : interact 2.4.1 Multiple Remote RFI Vulnerabiliy Download From : http://puzzle.dl.sourceforge.net/sourceforge/cce-interact/interact-2-4-1.tar.gz Found By :...
interact <= 2.2 (CONFIG[BASE_PATH]) Remote File Include Vulnerability
No description provided by source. !/usr/bin/env python coding: utf-8 import re from pocsuite.net import req from pocsuite.poc import Output, POCBase from pocsuite.utils import register class interactRemoteFileIncludePOCBase: vulID = '63658' version = '1' vulDate = '2006-08-19' author = ' '...
HackerOne: CSRF login
1 Attacker creates a fake account and changes e-mail 2 The e-mail confirmation link can now be used to CSRF login someone into the fake account, then monitor actions performed by the victim or even interact with him...
Interact 2.4.1 SQL Injection Vulnerability
Exploit for php platform in category web applications Title : Interact 2.4.1 SQL Injection Affected Version : Interact l0rd D3lt4l0rD & Turb0 ,,,, email protected S.V.T :D 0day.today 2018-02-06...
Interact 2.4.1 SQL Injection
Title: Interact 2.4.1 SQL Injection Title : Interact 2.4.1 SQL Injection Affected Version : Interact l0rd D3lt4l0rD & Turb0 ,,,, [email protected] S.V.T :D...
Interact 2.4.1 - SQL Injection
Interact 2.4.1 - SQL Injection Title: Interact 2.4.1 SQL Injection Title : Interact 2.4.1 SQL Injection Affected Version : Interact l0rd D3lt4l0rD & Turb0 ,,,, [email protected] S.V.T :D...
Interact 2.4.1 - SQL Injection
Title: Interact 2.4.1 SQL Injection Title : Interact 2.4.1 SQL Injection Affected Version : Interact l0rd D3lt4l0rD & Turb0 ,,,, [email protected] S.V.T :D...