Lucene search
+L

200 matches found

Packet Storm
Packet Storm
added 2016/08/04 12:0 a.m.42 views

K2 Joomla! Extension Cross Site Scripting

================================================================ K2 Joomla! Extension PoC: http://localhost/administrator/index.php?option=comk2&view=categori...

7.4AI score
Exploits0
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2016/08/03 12:0 a.m.24 views

K2,2.7.0,XSS (Cross Site Scripting)

K2,2.7.0,XSS Cross Site Scripting resolution: update to 2.7.1 update notice url: https://getk2.org/blog/2571-k2-v271-released Note that the VEL do not agree with the developer's assessment that XSS vulnerability is low priority...

0.1AI score
Exploits0References3Affected Software1
CNVD
CNVD
added 2016/05/16 12:0 a.m.3 views

Fusion K2 Wireless Router Override Read Configuration File Vulnerability

The Fusion K2 Wireless Router is a wireless router for home use. The Fusion K2 Wireless Router is vulnerable to an override read configuration file vulnerability. Since Fusion K2 can read the configuration file which contains the password of the logged-in device without logging in, it can illegal...

6.8AI score
Exploits0
CNVD
CNVD
added 2016/04/22 12:0 a.m.4 views

Fusion K2 Wireless Router Exists Override Change Password Vulnerability

The Fusion K2 Wireless Router is a wireless router for home use. A vulnerability exists in the Fusion K2 Wireless Router that allows an attacker to modify the password without logging in to the administrator. This vulnerability allows an attacker to modify the username and password without loggin...

7AI score
Exploits0
securityvulns
securityvulns
added 2015/10/26 12:0 a.m.88 views

Boolean-based SQL injection Vulnerability in K2 Platforms

Title: Boolean-based SQL injection Vulnerability in K2 Platforms. Author: Wissam Bashour - Help AG Middle East Vendor: K2 Product: SmartForms, BlackPearl, K2 for sharepoint Version: 4.6.7 Tested Version: Version 4.6.7 Severity: HIGH CVE Reference: CVE-2015-7299 About the Product: K2 smartforms ca...

7.5CVSS7.3AI score0.02297EPSS
Exploits3
NVD
NVD
added 2015/10/21 6:59 p.m.24 views

CVE-2015-7299

SQL injection vulnerability in Runtime/Runtime/AjaxCall.ashx in K2 blackpearl, smartforms, and K2 for SharePoint 4.6.7 allows remote attackers to execute arbitrary SQL commands via the xml parameter...

7.5CVSS8.3AI score0.02297EPSS
Exploits3References2
Prion
Prion
added 2015/10/21 6:59 p.m.16 views

Sql injection

SQL injection vulnerability in Runtime/Runtime/AjaxCall.ashx in K2 blackpearl, smartforms, and K2 for SharePoint 4.6.7 allows remote attackers to execute arbitrary SQL commands via the xml parameter...

7.5CVSS9.1AI score0.02297EPSS
Exploits3References2Affected Software3
Cvelist
Cvelist
added 2015/10/21 6:0 p.m.31 views

CVE-2015-7299

SQL injection vulnerability in Runtime/Runtime/AjaxCall.ashx in K2 blackpearl, smartforms, and K2 for SharePoint 4.6.7 allows remote attackers to execute arbitrary SQL commands via the xml parameter...

8.3AI score0.02297EPSS
Exploits3References2
CVE
CVE
added 2015/10/21 6:0 p.m.68 views

CVE-2015-7299

The CVE-2015-7299 issue affects K2 products: K2 blackpearl, SmartForms, and K2 for SharePoint (version 4.6.7). A Boolean-based SQL injection exists in Runtime/Runtime/AjaxCall.ashx via the xml parameter, allowing an anonymous attacker to read data and potentially access or reconstruct sensitive D...

7.5CVSS8.6AI score0.02297EPSS
Exploits3References2Affected Software3
Packet Storm
Packet Storm
added 2015/10/13 12:0 a.m.60 views

K2 SmartForms / BlackPearl SQL Injection

Title: Boolean-based SQL injection Vulnerability in K2 Platforms. Author: Wissam Bashour - Help AG Middle East Vendor: K2 Product: SmartForms, BlackPearl, K2 for sharepoint Version: 4.6.7 Tested Version: Version 4.6.7 Severity: HIGH CVE Reference: CVE-2015-7299 About the Product: K2 smartforms ca...

7.5CVSS0.4AI score0.02297EPSS
Exploits3
0day.today
0day.today
added 2015/10/13 12:0 a.m.97 views

K2 SmartForms / BlackPearl SQL Injection Vulnerability

K2 SmartForms, BlackPearl, and K2 for Sharepoint version 4.6.7 suffer from a boolean-based remote SQL injection vulnerability. Title: Boolean-based SQL injection Vulnerability in K2 Platforms. Author: Wissam Bashour - Help AG Middle East Vendor: K2 Product: SmartForms, BlackPearl, K2 for sharepoi...

7.5CVSS7.6AI score0.02297EPSS
Exploits3
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.44 views

Joomla Component com_K2 -q 1.0.1b (category) SQL Injection Vuln

No description provided by source. ---------------------------------------------------------------------- Joomla Component comk2 sectionid SQL injection Vulnerability ---------------------------------------------------------------------- + Author : Chip D3 Bi0s + Email : chipdebiosalt+64gmail.com...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.29 views

Verity K2 Toolkit 2.20 Query Builder Search Script Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8074/info It has been reported that the K2 Toolkit does not sufficiently sanitize input by users. Because of this, it may be possible for an attacker to launch an attack that results in the execution of hostile HTML or...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.25 views

Verity K2 Toolkit 2.20 Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8073/info It has been reported that Verity K2 Toolkit does not sufficiently filter user-supplied search parameters. As a result of this reported deficiency, it may be possible for a remote attacker to create a malicious...

7.1AI score
Exploits0
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2014/06/08 12:0 a.m.18 views

K2 Content Extension, 2.6.8,

K2 Content Extension, 2.6.8, XSS Cross Site Scripting resolution update to version 2.6.9...

2.3AI score
Exploits0References3Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2013/07/03 12:0 a.m.18 views

k2, 2.6.6, Open Folder Permissions

k2, Open folder permissions developer notice http:/getk2.org/blog/1432-k2-v267-released-akismet-integrated-new-acl-option-improved-php-54-support...

0.2AI score
Exploits0References2Affected Software1
seebug.org
seebug.org
added 2011/07/24 12:0 a.m.23 views

Joomla Component JE K2 Story Submit Local File Inclusion Vulnerability

No description provided by source. ! /usr/bin/perl -w Joomla Component JE Story Submit Local File Inclusion Vulnerability Author : v3n0m Date : July, 21-2011 GMT +7:00 Jakarta, Indonesia Software : JE Story Submit Vendor : http://joomlaextensions.co.in/ License : GPLv2 or later Tested On: Joomla...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2011/07/21 12:0 a.m.40 views

Joomla JE K2 Story Submit Local File Inclusion

! /usr/bin/perl -w Joomla Component JE Story Submit Local File Inclusion Vulnerability Author : v3n0m Date : July, 21-2011 GMT +7:00 Jakarta, Indonesia Software : JE Story Submit Vendor : http://joomlaextensions.co.in/ License : GPLv2 or later Tested On: Joomla 1.5.x irc.yogyacarderlink.web.id -...

7.4AI score
Exploits0
0day.today
0day.today
added 2011/07/21 12:0 a.m.27 views

Joomla Component JE K2 Story Submit Local File Inclusion Vulnerability

Exploit for php platform in category web applications ! /usr/bin/perl -w Joomla Component JE Story Submit Local File Inclusion Vulnerability Author : v3n0m Date : July, 21-2011 GMT +7:00 Jakarta, Indonesia Software : JE Story Submit Vendor : http://joomlaextensions.co.in/ License : GPLv2 or later...

7.1AI score
Exploits0
NVD
NVD
added 2010/10/25 8:0 p.m.21 views

CVE-2010-3156

Untrusted search path vulnerability in K2 K2Editor before 1.5.9 allows local users to gain privileges via a Trojan horse executable file in the current working directory...

6.9CVSS6.5AI score0.00279EPSS
Exploits0References2
Rows per page
Query Builder