Lucene search
K

94 matches found

Prion
Prion
added 2017/02/08 10:59 p.m.14 views

Code injection

IBM Connections 5.5 and earlier is vulnerable to possible link manipulation attack that could result in the display of inappropriate background images...

4CVSS6.8AI score0.00665EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2017/02/08 10:59 p.m.17 views

CVE-2016-0308

IBM Connections 5.5 and earlier is vulnerable to possible link manipulation attack that could result in the display of inappropriate background images...

4.3CVSS4.5AI score0.00665EPSS
Exploits0References2
CVE
CVE
added 2017/02/08 10:0 p.m.44 views

CVE-2016-0308

CVE-2016-0308 affects IBM Connections 5.5 and earlier. The vulnerability is a link manipulation issue that could cause display of inappropriate background images. According to NVD, this is a network-based issue with low attack complexity and no confidentiality/availability impact, but partial int...

4.3CVSS4.5AI score0.00665EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/02/08 10:0 p.m.22 views

CVE-2016-0308

IBM Connections 5.5 and earlier is vulnerable to possible link manipulation attack that could result in the display of inappropriate background images...

4.5AI score0.00665EPSS
Exploits0References2
CNVD
CNVD
added 2017/01/16 12:0 a.m.4 views

rc4 Password Cracking Vulnerability in LOGBASE Ops Security Management System from Sifo-Di

The LOGBASE O&M security management system from Sifo-Di provides O&M security audits for O&M staff. A rc4 password cracking vulnerability exists in the LOGBASE Operations and Maintenance Security Management System from Sifo-Dee. As the system comes with a URL link to decrypt its own "RC4",...

6.9AI score
Exploits0
OSV
OSV
added 2016/06/30 11:59 p.m.6 views

CVE-2016-5305

Multiple cross-site scripting XSS vulnerabilities in management scripts in Symantec Endpoint Protection Manager SEPM 12.1 before RU6 MP5 allow remote authenticated users to inject arbitrary web script or HTML via a "DOM link manipulation" attack...

5.4CVSS5.8AI score0.01227EPSS
Exploits0References3
Prion
Prion
added 2016/06/30 11:59 p.m.24 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in management scripts in Symantec Endpoint Protection Manager SEPM 12.1 before RU6 MP5 allow remote authenticated users to inject arbitrary web script or HTML via a "DOM link manipulation" attack...

3.5CVSS5.5AI score0.01227EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2016/06/30 11:0 p.m.31 views

CVE-2016-5305

Multiple cross-site scripting XSS vulnerabilities in management scripts in Symantec Endpoint Protection Manager SEPM 12.1 before RU6 MP5 allow remote authenticated users to inject arbitrary web script or HTML via a "DOM link manipulation" attack...

5.5AI score0.01227EPSS
Exploits0References3
CVE
CVE
added 2016/06/30 11:0 p.m.57 views

CVE-2016-5305

Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 contains multiple DOM-based cross-site scripting vulnerabilities in SEPM management scripts. The issue is triggered by unsanitized input in the DOM link manipulation pathway, allowing remote authenticated users to inject arbitrary we...

5.4CVSS5.3AI score0.01227EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2016/03/29 12:0 a.m.5 views

Multiple vulnerabilities in Drupal Core File module

Drupal is a free and open source content management system developed in PHP. A file upload bypass and denial of service vulnerability exists in the Drupal Core File module. This allows a malicious user to view, delete or replace a link to a file that the victim has uploaded to a form that has not...

8.1CVSS6.9AI score0.0159EPSS
Exploits0References1
Hacker One
Hacker One
added 2015/12/18 5:40 p.m.640 views

HackerOne: Parameter pollution in social sharing buttons

Hello! For example we have a link https://hackerone.com/blog/introducing-signal-and-impact, and we will change it to https://hackerone.com/blog/introducing-signal-and-impact?&u=https://vk.com/durov. If you send a link to the user and he wants to share a link to facebook, the content will change...

0.8AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2015/09/08 12:0 a.m.13 views

Vulnerability of Firefox and Firefox ESR browsers, which allow hackers to write arbitrary files and increase their privileges

The vulnerability of the Mozilla Maintenance Service component in Firefox and Firefox ESR browsers arises due to synchronization errors when using a shared resource. Exploiting this vulnerability allows an attacker to write arbitrary files locally and increase their privileges by manipulating...

3.3CVSS7.8AI score0.00797EPSS
Exploits1References4Affected Software2
Hacker One
Hacker One
added 2014/08/09 11:53 p.m.28 views

HackerOne: Redirect while opening links in new tabs

Hello HackerOne, I'd like to report to you a nice little bug about opening links in new tabs. When you open a link in a new tab target="blank" , the page that opens in a new tab can access the initial tab and change it's location using the window.opener property. POC:...

7AI score
Exploits0
NVD
NVD
added 2002/09/24 4:0 a.m.17 views

CVE-2002-0989

The URL handler in the manual browser option for Gaim before 0.59.1 allows remote attackers to execute arbitrary script via shell metacharacters in a link...

7.5CVSS7.2AI score0.0319EPSS
Exploits1References15
Rows per page
Query Builder