Lucene search
K

9 matches found

WPVulnDB
WPVulnDB
added 2015/04/29 12:0 a.m.13 views

White Label CMS <= 1.5.2 - Stored XSS

Due to a lack of CSRF protection, and lack of sanitation of user input, it is possible to trigger a Persistent XSS attack via a CSRF attack. This attack targets in particular the Import functionality, which is located in the 'wlcmsImport' function, within the file...

0.2AI score
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2015/04/06 12:0 a.m.39 views

Mozilla Thunderbird Multiple Vulnerabilities-01 (Apr 2015) - Windows

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

7.5CVSS9.7AI score0.66936EPSS
Exploits3References4
UbuntuCve
UbuntuCve
added 2015/04/01 12:0 a.m.37 views

CVE-2015-0807

The navigator.sendBeacon implementation in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 processes HTTP 30x status codes for redirects after a preflight request has occurred, which allows remote attackers to bypass intended CORS access-control checks and...

6.8CVSS7.2AI score0.01175EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2015/01/20 12:0 a.m.59 views

Mozilla Thunderbird Multiple Vulnerabilities-01 (Jan 2015) - Mac OS X

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

7.5CVSS9.7AI score0.03861EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2015/01/16 12:0 a.m.31 views

SeaMonkey < 2.32 Multiple Vulnerabilities

Binary data 8626.prm...

7.5CVSS9.8AI score0.65657EPSS
Exploits4References18
Tenable Nessus
Tenable Nessus
added 2015/01/15 12:0 a.m.27 views

Ubuntu 14.04 LTS : Firefox vulnerabilities (USN-2458-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2458-1 advisory. Christian Holler, Patrick McManus, Christoph Diehl, Gary Kwong, Jesse Ruderman, Byron Campen, Terrence Cole, and Nils Ohlmeier discovered multiple memory...

7.5CVSS8AI score0.65657EPSS
Exploits4References10
NVD
NVD
added 2015/01/14 11:59 a.m.22 views

CVE-2014-8638

The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery...

6.8CVSS6.4AI score0.0102EPSS
Exploits0References39
Cvelist
Cvelist
added 2015/01/14 11:0 a.m.22 views

CVE-2014-8638

The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery...

9.3AI score0.0102EPSS
Exploits0References39
CVE
CVE
added 2015/01/14 11:0 a.m.141 views

CVE-2014-8638

CVE-2014-8638 affects Firefox up to 35.0 (ESR 31.x before 31.4), Thunderbird before 31.4, and SeaMonkey before 2.32. The navigator.sendBeacon implementation omits the CORS Origin header, allowing remote attackers to bypass intended CORS checks and conduct cross-site request forgery via a crafted ...

6.8CVSS9.1AI score0.0102EPSS
Exploits0References39Affected Software2
Rows per page
Query Builder