CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

This repository hosts the documentation and issue tracker for all SysFlow projects. Quick reference Documentation : the SysFlow Documentation Where to get help : the SysFlow Community Slack Where to file issues : the github issue tracker Source of this description : repo's readme history Docker...

6.8AI score

Exploits0References11

CNVD•added 2017/10/17 12:0 a.m.•3 views

Issuetracker phpBugTracker Cross-Site Request Forgery Vulnerability

Issuetracker phpBugTracker is a web-based defect tracking system. The system provides features such as project management and defect tracking services. Multiple cross-site request forgery vulnerabilities exist in Issuetracker phpBugTracker versions prior to 1.7.0. A remote attacker can exploit th...

8CVSS8.1AI score0.00156EPSS

Exploits0References1

CNVD•added 2017/10/17 12:0 a.m.•3 views

Issuetracker phpBugTracker SQL Injection Vulnerability

Issuetracker phpBugTracker is a web-based defect tracking system. The system provides features such as project management and defect tracking services. A SQL injection vulnerability exists in Issuetracker phpBugTracker before 1.7.0. The vulnerability can be exploited by remote attackers to execut...

9.8CVSS10AI score0.00433EPSS

Exploits0References1

CNVD•added 2017/10/17 12:0 a.m.•4 views

Issuetracker phpBugTracker cross-site scripting vulnerability (CNVD-2017-30874)

Issuetracker phpBugTracker is a web-based defect tracking system. The system provides features such as project management and defect tracking services. A cross-site scripting vulnerability exists in Issuetracker phpBugTracker versions prior to 1.7.0. A remote attacker can exploit this vulnerabili...

4.8CVSS4.9AI score0.00278EPSS

Exploits0References1

CNVD•added 2017/10/17 12:0 a.m.•2 views

Issuetracker phpBugTracker cross-site scripting vulnerability (CNVD-2017-30877)

Issuetracker phpBugTracker is a web-based defect tracking system. The system provides features such as project management and defect tracking services. A cross-site scripting vulnerability exists in Issuetracker phpBugTracker versions prior to 1.7.2. A remote attacker can exploit this vulnerabili...

4.8CVSS4.9AI score0.00171EPSS

Exploits0References1

NVD•added 2017/10/06 10:29 p.m.•9 views

CVE-2015-2142

Multiple cross-site request forgery CSRF vulnerabilities in Issuetracker phpBugTracker before 1.7.0 allow remote authenticated users to 1 hijack the authentication of users for requests that cause an unspecified impact via the id parameter to project.php, 2 hijack the authentication of users for...

8CVSS8.1AI score0.00156EPSS

Exploits0References2

Prion•added 2017/10/06 10:29 p.m.•8 views

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in Issuetracker phpBugTracker before 1.7.0 allow remote attackers to hijack the authentication of users for requests that cause an unspecified impact via unknown parameters...

6.8CVSS7.9AI score0.00195EPSS

Exploits0References1Affected Software1

NVD•added 2017/10/06 10:29 p.m.•11 views

CVE-2015-2143

8.8CVSS9.2AI score0.00195EPSS

Exploits0References1

Prion•added 2017/10/06 10:29 p.m.•10 views

Sql injection

Multiple SQL injection vulnerabilities in Issuetracker phpBugTracker before 1.7.0 allow remote attackers to execute arbitrary SQL commands via the 1 id parameter to project.php, the 2 groupid parameter to group.php, the 3 statusid parameter to status.php, the 4 resolutionid parameter to...

7.5CVSS9.3AI score0.00433EPSS

Exploits0References2Affected Software1

ATTACKERKB•added 2017/10/06 10:29 p.m.•2 views

CVE-2015-2142

8CVSS5.5AI score0.00156EPSS

Exploits0References3

NVD•added 2017/10/06 10:29 p.m.•13 views

CVE-2015-2146

9.8CVSS10AI score0.00433EPSS

Exploits0References2

Prion•added 2017/10/06 10:29 p.m.•10 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Issuetracker phpBugTracker before 1.7.2 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters...

3.5CVSS6.1AI score0.00171EPSS

Exploits0References1Affected Software1

NVD•added 2017/10/06 10:29 p.m.•8 views

CVE-2015-2145

Multiple cross-site scripting XSS vulnerabilities in Issuetracker phpBugTracker before 1.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters...

4.8CVSS5.2AI score0.00278EPSS

Exploits0References1

NVD•added 2017/10/06 10:29 p.m.•9 views

CVE-2015-2148

Multiple cross-site scripting XSS vulnerabilities in Issuetracker phpBugTracker before 1.7.2 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters...

4.8CVSS5.2AI score0.00171EPSS

Exploits0References1

Prion•added 2017/10/06 10:29 p.m.•11 views

Sql injection

Multiple SQL injection vulnerabilities in Issuetracker phpBugTracker before 1.7.0 allow remote attackers to execute arbitrary SQL commands via unspecified parameters...

7.5CVSS9.3AI score0.00368EPSS

Exploits0References2Affected Software1

NVD•added 2017/10/06 10:29 p.m.•10 views

CVE-2015-2144

Multiple cross-site scripting XSS vulnerabilities in Issuetracker phpBugTracker before 1.7.0 allow remote authenticated users to inject arbitrary web script or HTML via the 1 project name parameter to project.php; the 2 usejs parameter to user.php; the 3 usejs parameter to group.php; the 4...

4.8CVSS4.9AI score0.00183EPSS

Exploits0References2

CVE•added 2017/10/06 10:0 p.m.•35 views

CVE-2015-2148

The CVE-2015-2148 entry is supported by connected records showing a concrete vulnerability in Issuetracker phpBugTracker: XSS vulnerabilities present in versions before 1.7.2, allowing remote attackers to inject arbitrary web script or HTML via unspecified parameters. The affected software is Iss...

4.8CVSS5.1AI score0.00171EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by