Lucene search
+L

73 matches found

Positive Technologies
Positive Technologies
added 2022/08/25 12:0 a.m.4 views

PT-2022-19934 · Snipe · Snipe-It

Name of the Vulnerable Software and Affected Versions: snipe/snipe-it versions prior to 6.0.10 Description: The issue concerns a session fixation problem where the session is not invalidated after a password change. This could potentially allow unauthorized access to user accounts. Recommendation...

8CVSS5AI score0.00674EPSS
Exploits1References7
EUVD
EUVD
added 2022/08/03 3:21 p.m.5 views

EUVD-2022-38738

This vulnerability allows remote attackers to execute arbitrary code on affected installations of BMC Track-It! 20.21.2.109. Authentication is not required to exploit this vulnerability. The specific flaw exists within the authorization of HTTP requests. The issue results from the lack of...

9.8CVSS7.8AI score0.01503EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/07/12 12:0 a.m.12 views

PT-2022-22975 · Bmc · Bmc Track-It!

Name of the Vulnerable Software and Affected Versions: BMC Track-It! version 20.21.02.109 Description: This issue allows remote attackers to disclose sensitive information on affected installations. Authentication is required to exploit this issue. The specific flaw exists within the...

6.5CVSS5.8AI score0.01378EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2022/02/14 7:15 p.m.7 views

CVE-2022-0579

Missing Authorization in Packagist snipe/snipe-it prior to 5.3.9...

6.5CVSS6.5AI score0.01033EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/02/10 12:0 a.m.6 views

Track-It! 授权问题漏洞

Bmc Software Track-It! is an It helpdesk software from Bmc Software, USA. for helpdesks and service desks with asset management. A security vulnerability exists in BMC Track-It! that stems from a lack of authentication before allowing access to features. An attacker could exploit this vulnerabili...

9.8CVSS6.5AI score0.01895EPSS
Exploits0References5
CNVD
CNVD
added 2018/02/01 12:0 a.m.6 views

BMC Track-It! Information Disclosure Vulnerability

BMC Track-It! is a fully integrated IT helpdesk and asset management solution for small and medium-sized businesses from BMC Software, USA. The solution provides work order tracking, change management, process automation, asset inventory and asset management. A security vulnerability exists in...

9.8CVSS6.8AI score0.12313EPSS
Exploits4References1
OSV
OSV
added 2017/06/07 9:29 p.m.5 views

CVE-2015-3295

markdown-it before 4.1.0 does not block data: URLs...

5.3CVSS6.8AI score
Exploits0References6
CNVD
CNVD
added 2016/01/08 12:0 a.m.7 views

markdown-it and NodeBB HTML Injection Vulnerabilities

markdown-it is a parser product. NodeBB is a forum system developed by the Design Create Play team and built using Node.js, a web application platform built on top of Google's V8 JavaScript engine. An HTML injection vulnerability exists in markdown-it versions prior to 4.1.0 and NodeBB versions...

5.3CVSS7.7AI score0.01287EPSS
Exploits0References1
exploitpack
exploitpack
added 2015/02/18 12:0 a.m.37 views

Publish-It 3.6d - Local Buffer Overflow (SEH)

Publish-It 3.6d - Local Buffer Overflow SEH !/usr/bin/python Title: Publish-It 3.6d - Buffer Overflow SEH Exploit Date: 2/16/15 Vulnerability: Discovery and PoC by Core Security http://www.exploit-db.com/exploits/31461/ Exploit Author: jakx Andrew Smith of Sword & Shield Enterprise Security Vendo...

0.9AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2014/10/10 10:55 a.m.3 views

CVE-2014-4872

BMC Track-It! 11.3.0.355 does not require authentication on TCP port 9010, which allows remote attackers to upload arbitrary files, execute arbitrary code, or obtain sensitive credential and configuration information via a .NET Remoting request to 1 FileStorageService or 2 ConfigurationService...

7.5CVSS6.1AI score0.80095EPSS
Exploits15References6
The Hacker News
The Hacker News
added 2010/12/26 2:59 a.m.5 views

Its 3rd week after attack & still CBI website remains down !

3rd week after attack & still CBI website remains down ! The website of the much sought-after Central Bureau of Investigation CBI continues to remain inactive, three weeks after it was hacked into by the so-called Pakistani Cyber Army. As a result, many have been badly hit, particularly the media...

6.6AI score
Exploits0
myhack58
myhack58
added 2010/03/29 12:0 a.m.17 views

Very rare the TXT file hung it-vulnerability warning-the black bar safety net

| TXT file in the Insert a piece of JAVA code behind the HTML code is the IE implementation of Affected versions of IE6 7 8 Code: ‘scriptalertsb/script iframe src=http://xxxxx. org width=5 0 0 height=5 0 0/iframe Presentation: Reference: http://xxxxx.org/test.txt Picture hanging horse The above...

0.4AI score
Exploits0
Cvelist
Cvelist
added 2001/01/22 5:0 a.m.17 views

CVE-2000-1068

pollit.cgi in Poll It 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the polloptions parameter...

7.7AI score0.03443EPSS
Exploits0References3
Rows per page
Query Builder