Lucene search
K

469 matches found

OSV
OSV
added 2016/05/06 5:59 p.m.4 views

AZL-6505 CVE-2016-4074 affecting package jq for versions less than 1.5-6

The jvdumpterm function in jq 1.5 allows remote attackers to cause a denial of service stack consumption and application crash via a crafted JSON file. This issue has been fixed in jq 1.6rc1-r0...

7.5CVSS7.1AI score0.05333EPSS
Exploits1References1
myhack58
myhack58
added 2016/04/25 12:0 a.m.28 views

AppCan vulnerability spree(AppCan weak password\XSS\SQL injection\sensitive files leaked\weak password\file upload vulnerability collection)-vulnerability warning-the black bar safety net

Test yourself to write the discuz scan tool robustness of the time to find a backup file http://bbs. appcan. cn//config/configucenter. php. bak Use uckey getshell failure,the test has changed uckey. To continue testing,found a suspected injection point http://edu. appcan. cn/traindetailnew. html?...

7.7AI score
Exploits0
OSV
OSV
added 2016/03/01 11:59 a.m.2 views

DEBIAN-CVE-2016-2560

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.15, 4.4.x before 4.4.15.5, and 4.5.x before 4.5.5.1 allow remote attackers to inject arbitrary web script or HTML via 1 a crafted Host HTTP header, related to libraries/Config.class.php; 2 crafted JSON data, relat...

6.1CVSS6.4AI score0.03109EPSS
Exploits0References1
OSV
OSV
added 2016/03/01 11:59 a.m.13 views

CVE-2016-2560

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.15, 4.4.x before 4.4.15.5, and 4.5.x before 4.5.5.1 allow remote attackers to inject arbitrary web script or HTML via 1 a crafted Host HTTP header, related to libraries/Config.class.php; 2 crafted JSON data, relat...

6.1CVSS6.4AI score
Exploits0References11
Prion
Prion
added 2016/03/01 11:59 a.m.29 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.15, 4.4.x before 4.4.15.5, and 4.5.x before 4.5.5.1 allow remote attackers to inject arbitrary web script or HTML via 1 a crafted Host HTTP header, related to libraries/Config.class.php; 2 crafted JSON data, relat...

4.3CVSS6.5AI score0.03109EPSS
Exploits0References11Affected Software1
UbuntuCve
UbuntuCve
added 2016/03/01 11:59 a.m.29 views

CVE-2016-2560

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.15, 4.4.x before 4.4.15.5, and 4.5.x before 4.5.5.1 allow remote attackers to inject arbitrary web script or HTML via 1 a crafted Host HTTP header, related to libraries/Config.class.php; 2 crafted JSON data, relat...

6.1CVSS6.8AI score0.03109EPSS
Exploits0References7
OSV
OSV
added 2016/03/01 11:59 a.m.4 views

UBUNTU-CVE-2016-2560

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.15, 4.4.x before 4.4.15.5, and 4.5.x before 4.5.5.1 allow remote attackers to inject arbitrary web script or HTML via 1 a crafted Host HTTP header, related to libraries/Config.class.php; 2 crafted JSON data, relat...

6.1CVSS6.9AI score0.03109EPSS
Exploits0References8
Cvelist
Cvelist
added 2016/03/01 11:0 a.m.36 views

CVE-2016-2560

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.15, 4.4.x before 4.4.15.5, and 4.5.x before 4.5.5.1 allow remote attackers to inject arbitrary web script or HTML via 1 a crafted Host HTTP header, related to libraries/Config.class.php; 2 crafted JSON data, relat...

6.4AI score0.03109EPSS
Exploits0References11
CVE
CVE
added 2016/03/01 11:0 a.m.81 views

CVE-2016-2560

The CVE-2016-2560 issue affects phpMyAdmin series: 4.0.x before 4.0.10.15, 4.4.x before 4.4.15.5, and 4.5.x before 4.5.5.1. The vulnerability consists of multiple cross-site scripting (XSS) flaws that allow remote attackers to inject arbitrary web script or HTML through several vectors (crafted H...

6.1CVSS6.2AI score0.03109EPSS
Exploits0References11Affected Software1
Debian CVE
Debian CVE
added 2016/03/01 11:0 a.m.25 views

CVE-2016-2560

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.15, 4.4.x before 4.4.15.5, and 4.5.x before 4.5.5.1 allow remote attackers to inject arbitrary web script or HTML via 1 a crafted Host HTTP header, related to libraries/Config.class.php; 2 crafted JSON data, relat...

6.1CVSS6.8AI score0.03109EPSS
Exploits0
OSV
OSV
added 2016/02/20 1:59 a.m.8 views

CVE-2016-2045

Cross-site scripting XSS vulnerability in the SQL editor in phpMyAdmin 4.5.x before 4.5.4 allows remote authenticated users to inject arbitrary web script or HTML via a SQL query that triggers JSON data in a response...

5.4CVSS6.5AI score
Exploits0References5
NVD
NVD
added 2016/02/20 1:59 a.m.21 views

CVE-2016-2045

Cross-site scripting XSS vulnerability in the SQL editor in phpMyAdmin 4.5.x before 4.5.4 allows remote authenticated users to inject arbitrary web script or HTML via a SQL query that triggers JSON data in a response...

5.4CVSS5.4AI score0.01531EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2016/02/20 1:59 a.m.33 views

CVE-2016-2045

Cross-site scripting XSS vulnerability in the SQL editor in phpMyAdmin 4.5.x before 4.5.4 allows remote authenticated users to inject arbitrary web script or HTML via a SQL query that triggers JSON data in a response...

5.4CVSS6.5AI score0.01531EPSS
Exploits0References2
Prion
Prion
added 2016/02/20 1:59 a.m.20 views

Cross site scripting

Cross-site scripting XSS vulnerability in the SQL editor in phpMyAdmin 4.5.x before 4.5.4 allows remote authenticated users to inject arbitrary web script or HTML via a SQL query that triggers JSON data in a response...

3.5CVSS6AI score0.01531EPSS
Exploits0References5Affected Software2
Cvelist
Cvelist
added 2016/02/20 1:0 a.m.27 views

CVE-2016-2045

Cross-site scripting XSS vulnerability in the SQL editor in phpMyAdmin 4.5.x before 4.5.4 allows remote authenticated users to inject arbitrary web script or HTML via a SQL query that triggers JSON data in a response...

5.4AI score0.01531EPSS
Exploits0References5
NVD
NVD
added 2015/09/08 3:59 p.m.31 views

CVE-2015-5250

The API server in OpenShift Origin 1.0.5 allows remote attackers to cause a denial of service master process crash via crafted JSON data...

4CVSS6.4AI score0.01952EPSS
Exploits0References3
Prion
Prion
added 2015/09/08 3:59 p.m.16 views

Code injection

The API server in OpenShift Origin 1.0.5 allows remote attackers to cause a denial of service master process crash via crafted JSON data...

4CVSS7AI score0.01952EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2015/09/08 3:0 p.m.55 views

CVE-2015-5250

CVE-2015-5250 affects the API server of OpenShift Origin 1.0.5. A remote attacker can trigger a denial of service (master process crash) by sending specially crafted JSON data. Root cause mentioned in public sources includes improper error handling in the API server. The issue is addressed in Red...

4CVSS6.5AI score0.01952EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2015/09/08 3:0 p.m.35 views

CVE-2015-5250

The API server in OpenShift Origin 1.0.5 allows remote attackers to cause a denial of service master process crash via crafted JSON data...

6.4AI score0.01952EPSS
Exploits0References3
Friends Of PHP
Friends Of PHP
added 2015/05/10 3:58 a.m.17 views

JSON Data encoded for use in HTML was not safe to use in IE6/IE7, possible XSS attacks

More info at https://www.yiiframework.com/news/86/yii-2-0-4-is-released/...

4.3CVSS7.2AI score0.01521EPSS
Exploits0Affected Software1
Rows per page
Query Builder