Lucene search
+L

114 matches found

Cvelist
Cvelist
added 2024/08/29 8:53 a.m.41 views

CVE-2024-5624 Reflected Cross-Site Scripting (XSS) in Shift Logbook application of B&R APROL

Reflected Cross-Site Scripting XSS in Shift Logbook application of B&R APROL = R 4.4-00P3 may allow a network-based attacker to execute arbitrary JavaScript code in the context of the user's browser session...

5.1CVSS0.00239EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/08/29 8:53 a.m.13 views

CVE-2024-5624 Reflected Cross-Site Scripting (XSS) in Shift Logbook application of B&R APROL

Reflected Cross-Site Scripting XSS in Shift Logbook application of B&R APROL = R 4.4-00P3 may allow a network-based attacker to execute arbitrary JavaScript code in the context of the user's browser session...

5.1CVSS6.2AI score0.00239EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/08/29 12:0 a.m.4 views

PT-2024-36772 · B&R · B&R Aprol

Name of the Vulnerable Software and Affected Versions: B&R APROL versions = R 4.4-00P3 Description: A Reflected Cross-Site Scripting XSS issue in the Shift Logbook application may allow a network-based attacker to execute arbitrary JavaScript code in the context of the user's browser session...

6.1CVSS6.4AI score0.00239EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/08/29 12:0 a.m.3 views

B&R Industrial Automation APROL 跨站脚本漏洞

B&R Industrial Automation APROL is a production process management system from B&R Industrial Automation, Austria. A cross-site scripting vulnerability exists in B&R Industrial Automation APROL R version 4.4-00P3 and prior versions, which stems from a cross-site scripting vulnerability contained ...

6.1CVSS6.5AI score0.00239EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2023/11/14 12:0 a.m.2 views

VulnCheck KEV: CVE-2018-10737

A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/logbook.php txtSearch parameter...

7.2CVSS7.2AI score0.42556EPSS
Exploits2References1
Veracode
Veracode
added 2022/05/26 6:54 p.m.20 views

Denial Of Service (DoS)

elog:stretch is vulnerable to denial of service This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of ELOG Electronic Logbook 3.1.4-283534d. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

7.5CVSS7AI score0.03486EPSS
Exploits0References3Affected Software1
Veracode
Veracode
added 2020/12/06 4:33 a.m.23 views

Insecure Access Control

elog does not properly restrict access. A remote attacker is able to post data as any username in the logbook...

7.5CVSS3.6AI score0.01024EPSS
Exploits0References4Affected Software1
Kitploit
Kitploit
added 2020/07/24 12:30 p.m.32 views

Quiver - Tool To Manage All Of Your Tools For Bug Bounty Hunting And Penetration Testing

Quiver is the tool to manage all of your tools. It's an opinionated and curated collection of commands, notes and scripts for bug bounty hunting and penetration testing. Features ZSH / Oh-My-ZSH shell plugin Tab auto-completion Global variables Prefills the command line, doesn't hide commands fro...

7.2AI score
Exploits0References1
CNVD
CNVD
added 2020/03/24 12:0 a.m.5 views

ELOG Electronic Logbook Code Issue Vulnerability

ELOG is a web application written in C for creating personal and general purpose logs. A code issue vulnerability exists in the handling of HTTP parameters in ELOG Electronic Logbook version 3.1.4-283534d, which can be exploited by remote attackers to cause a denial of service via a specially...

7.5CVSS7AI score0.03486EPSS
Exploits0References1
OSV
OSV
added 2020/03/23 9:15 p.m.4 views

CVE-2020-8859

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of ELOG Electronic Logbook 3.1.4-283534d. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of HTTP parameters. A crafted request...

7.5CVSS6.4AI score0.03486EPSS
Exploits0References2
NVD
NVD
added 2020/03/23 9:15 p.m.14 views

CVE-2020-8859

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of ELOG Electronic Logbook 3.1.4-283534d. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of HTTP parameters. A crafted request...

7.5CVSS6.1AI score0.03486EPSS
Exploits0References2
Prion
Prion
added 2020/03/23 9:15 p.m.15 views

Null pointer dereference

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of ELOG Electronic Logbook 3.1.4-283534d. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of HTTP parameters. A crafted request...

5CVSS7.4AI score0.03486EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2020/03/23 9:15 p.m.17 views

CVE-2020-8859

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of ELOG Electronic Logbook 3.1.4-283534d. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of HTTP parameters. A crafted request...

7.5CVSS6.5AI score0.03486EPSS
Exploits0References4
OSV
OSV
added 2020/03/23 9:15 p.m.4 views

UBUNTU-CVE-2020-8859

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of ELOG Electronic Logbook 3.1.4-283534d. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of HTTP parameters. A crafted request...

7.5CVSS5.8AI score0.03486EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2020/03/23 8:25 p.m.17 views

CVE-2020-8859

Removed by vendor...

7.5CVSS5.7AI score0.03486EPSS
Exploits0
Cvelist
Cvelist
added 2020/03/23 8:25 p.m.21 views

CVE-2020-8859

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of ELOG Electronic Logbook 3.1.4-283534d. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of HTTP parameters. A crafted request...

5.3CVSS7.4AI score0.03486EPSS
Exploits0References2
CVE
CVE
added 2020/03/23 8:25 p.m.49 views

CVE-2020-8859

CVE-2020-8859 affects ELOG Electronic Logbook 3.1.4-283534d. The flaw is in HTTP parameter processing, where a crafted request can trigger a dereference of a null pointer, allowing remote attackers to cause a denial-of-service. Exploitation is unauthenticated and over the network, with the impact...

7.5CVSS7.3AI score0.03486EPSS
Exploits0References2Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2020/02/12 12:0 a.m.25 views

ELOG Electronic Logbook drop-count Null Pointer Dereference Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of ELOG Electronic Logbook. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of HTTP parameters. A crafted request can trigger t...

5.3CVSS1.7AI score0.03486EPSS
Exploits0
NVD
NVD
added 2020/01/10 5:15 a.m.18 views

CVE-2019-20375

A cross-site scripting XSS vulnerability in Electronic Logbook ELOG 3.1.4 allows remote attackers to inject arbitrary web script or HTML via the value parameter in a localization loc command to elogd.c...

6.1CVSS6.1AI score0.00785EPSS
Exploits0References1
OSV
OSV
added 2020/01/10 5:15 a.m.12 views

CVE-2019-20376

A cross-site scripting XSS vulnerability in Electronic Logbook ELOG 3.1.4 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG document to elogd.c...

6.1CVSS5.5AI score
Exploits0References1
Rows per page
Query Builder