Lucene search
K

181 matches found

Cvelist
Cvelist
added 2016/12/15 6:31 a.m.27 views

CVE-2016-5740

An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev5. JavaScript code can be used as part of ical attachments within scheduling E-Mails. This content, for example an appointment's location, will be presented to the user at the E-Mail App, depending on the invitation workflow. Th...

6.2AI score0.04274EPSS
Exploits4References4
CVE
CVE
added 2016/12/15 6:31 a.m.42 views

CVE-2016-6845

The CVE-2016-6845 entry affects Open-Xchange OX App Suite prior to 7.8.2-rev8. The vulnerability arises from script code within hyperlinks in HTML emails not being properly sanitized when using base64 encoded data resources, allowing an attacker to supply hyperlinks that can execute script code i...

6.1CVSS6.3AI score0.00713EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2016/12/15 6:31 a.m.27 views

CVE-2016-6845

An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. Script code within hyperlinks at HTML E-Mails is not getting correctly sanitized when using base64 encoded "data" resources. This allows an attacker to provide hyperlinks that may execute script code instead of directing to a...

6.3AI score0.00713EPSS
Exploits0References2
Vulnerability Lab
Vulnerability Lab
added 2016/11/03 12:0 a.m.21 views

Edusson (Robotdon) BB - Bypass & Persistent Vulnerability

Document Title: =============== Edusson Robotdon BB - Bypass & Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1870 Release Date: ============= 2016-11-03 Vulnerability Laboratory ID VL-ID: ==================================== 18...

7.1AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2016/07/27 12:0 a.m.38 views

Zoll Checklist v1.2.2 iOS - Multiple Persistent Vulnerabilities

Document Title: =============== Zoll Checklist v1.2.2 iOS - Multiple Persistent Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1881 Release Date: ============= 2016-07-27 Vulnerability Laboratory ID VL-ID:...

7.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2016/06/16 12:0 a.m.3 views

Microsoft Office Files Containing Malicious VBScript Downloader

Microsoft Office files might contain a malicious downloader. A remote attacker could send spam e-mails including those downloaders, and use social engineering in order to convince users to manually enable them. This would allow the malicious code to run and infect the target system...

3.3AI score
Exploits0
hackapp
hackapp
added 2016/04/01 8:55 a.m.14 views

Mails - AOL, Outlook and more - Apache license, Customized SSL, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Mails - AOL, Outlook and more published at the 'play' market has multiple vulnerabilities...

0.7AI score
Exploits0References1Affected Software1
Packet Storm
Packet Storm
added 2016/02/25 12:0 a.m.28 views

eFront Learning CMS 3.6.15.6 Cross Site Scripting

Document Title: =============== eFront Learning 3.6.15.6 CMS - Forum Persistent Title Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1761 Release Date: ============= 2016-02-23 Vulnerability Laboratory ID VL-ID:...

0.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2016/02/23 12:0 a.m.1 views

Microsoft Office Mail Attachment Containing Malicious Downloader

A Microsoft Office Mail attachment containing a malicious downloader was observed as part of Locky ransomware campaign. A remote attacker could send spam e-mails including those downloaders and convince users to manually enable them. This would allow the malicious code to run and infect the targe...

4.8AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2016/02/22 12:0 a.m.21 views

eFront Learning 3.6.15.6 CMS - Persistent Web Vulnerability

Document Title: =============== eFront Learning 3.6.15.6 CMS - Persistent Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1761 Release Date: ============= 2016-02-22 Vulnerability Laboratory ID VL-ID: ===================================...

0.1AI score
Exploits0
Kitploit
Kitploit
added 2016/01/22 10:30 p.m.283 views

Dnstwist - Domain Name Permutation Engine For Detecting Typo Squatting, Phishing And Corporate Espionage

See what sort of trouble users can get in trying to type your domain name. Find similar-looking domains that adversaries can use to attack you. Can detect typosquatters, phishing attacks, fraud and corporate espionage. Useful as an additional source of targeted threat intelligence. The idea is...

6.3AI score
Exploits0References2
CNVD
CNVD
added 2016/01/15 12:0 a.m.5 views

AVM FRITZ!OS Cross-Site Scripting Vulnerability

AVM FRITZ!OS is a set of operating systems used in Fritz!Box wireless router products. A cross-site scripting vulnerability exists in the Push-Service-Mails feature of AVM FRITZ!OS, which allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, which can be us...

6.1CVSS6.2AI score0.01515EPSS
Exploits2References1
NVD
NVD
added 2016/01/12 7:59 p.m.21 views

CVE-2015-7242

Cross-site scripting XSS vulnerability in the Push-Service-Mails feature in AVM FRITZ!OS before 6.30 allows remote attackers to inject arbitrary web script or HTML via the display name in the FROM field of an SIP INVITE message...

6.1CVSS6.1AI score0.01515EPSS
Exploits2References4
Prion
Prion
added 2016/01/12 7:59 p.m.16 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Push-Service-Mails feature in AVM FRITZ!OS before 6.30 allows remote attackers to inject arbitrary web script or HTML via the display name in the FROM field of an SIP INVITE message...

4.3CVSS6.1AI score0.01515EPSS
Exploits2References4Affected Software1
Cvelist
Cvelist
added 2016/01/12 7:0 p.m.31 views

CVE-2015-7242

Cross-site scripting XSS vulnerability in the Push-Service-Mails feature in AVM FRITZ!OS before 6.30 allows remote attackers to inject arbitrary web script or HTML via the display name in the FROM field of an SIP INVITE message...

6.3AI score0.01515EPSS
Exploits2References4
Check Point Advisories
Check Point Advisories
added 2015/11/10 12:0 a.m.3 views

Microsoft Outlook for Mac Spoofing (MS15-116: CVE-2015-6123)

A spoofing vulnerability has been reported in Microsoft outlook for Mac. The vulnerability is due to an error in Microsoft Office Outlook that fail to sanitize html input or treat it in a safe manner. A remote attacker can exploit this vulnerability by sending HTML e-mails to victims with content...

4.3CVSS6.2AI score0.1115EPSS
Exploits0
Hacker One
Hacker One
added 2015/10/02 10:26 p.m.20 views

ownCloud: Self-XSS in mails sent by [email protected]

Hello i create account with username have a payload code "alert1, and i always when i get mail from [email protected] i get mail win inject the code payload html code inject From: ownCloud Reply-To: [email protected] To: [email protected] Message-ID: Subject: ownCloud Security & Encryption 2.0; A...

7.3AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2015/01/19 12:0 a.m.2 views

Microsoft Office Files Containing Malicious Downloader

Microsoft Office files might contain a malicious downloader. A remote attacker could send spam e-mails including those downloaders, and use social engineering in order to convince users to manually enable them. This would allow the malicious code to run and infect the target system...

3.9AI score
Exploits0
Packet Storm
Packet Storm
added 2014/12/17 12:0 a.m.39 views

Jease CMS 2.11 Script Insertion

Document Title: =============== Jease CMS v2.11 - Persistent UI Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1373 Release Date: ============= 2014-12-12 Vulnerability Laboratory ID VL-ID: ==================================== 1373...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2014/12/01 12:0 a.m.142 views

BookFresh - Persistent Clients Invite Vulnerability

Document Title: =============== BookFresh - Persistent Clients Invite Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1351 Release Date: ============= 2014-10-28 Vulnerability Laboratory ID VL-ID: ==================================== 1351...

7.6AI score
Exploits0
Rows per page
Query Builder