Lucene search
+L

74 matches found

nvd
nvd
added 2014/10/04 10:55 a.m.14 views

CVE-2014-6926

The Allt om Brollop aka com.paperton.wl.alltombrollop application 1.53 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.4CVSS5.9AI score0.00266EPSS
Exploits0References3
cve
cve
added 2014/10/04 10:0 a.m.42 views

CVE-2014-6926

The CVE-2014-6926 entry involves the Android app Allt om Brollop (package com.paperton.wl.alltombrollop) at version 1.53, where SSL/TLS connections do not verify X.509 certificates. This root cause enables potential man‑in‑the‑middle (MITM) attacks, allowing an attacker to spoof servers and acces...

5.4CVSS6AI score0.00266EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2014/10/04 10:0 a.m.25 views

CVE-2014-6926

The Allt om Brollop aka com.paperton.wl.alltombrollop application 1.53 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.9AI score0.00266EPSS
Exploits0References3
cve
cve
added 2014/07/17 10:0 a.m.52 views

CVE-2014-4250

CVE-2014-4250 affects Oracle Siebel CRM 8.1.1 and 8.2.2, specifically the Siebel Core – Server OM Frwks component. The vulnerability is described as an unspecified issue that could allow remote authenticated users to affect confidentiality via unknown vectors related to Object Manager. The connec...

3.5CVSS5.3AI score0.0164EPSS
Exploits0References7Affected Software1
nvd
nvd
added 2012/12/03 9:55 p.m.23 views

CVE-2012-6065

The OM Maximenu module 6.x-1.43 and earlier for Drupal, when the "Title has PHP" option is enabled, allows remote authenticated users with the "Administer OM Maximenu" permission to execute arbitrary PHP code via a "Link Title," a different vulnerability than CVE-2012-5553...

4.6CVSS7.1AI score0.0105EPSS
Exploits0References3
prion
prion
added 2012/12/03 9:55 p.m.17 views

Code injection

The OM Maximenu module 6.x-1.43 and earlier for Drupal, when the "Title has PHP" option is enabled, allows remote authenticated users with the "Administer OM Maximenu" permission to execute arbitrary PHP code via a "Link Title," a different vulnerability than CVE-2012-5553...

4.6CVSS7.4AI score0.0105EPSS
Exploits0References3Affected Software1
prion
prion
added 2012/12/03 9:55 p.m.21 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the OM Maximenu module 6.x-1.x before 6.x-1.44 and 7.x-1.x before 7.x-1.44 for Drupal allow remote authenticated users with the "administer OM Maximenu" permission to inject arbitrary web script or HTML via the 1 Menu Title 2 Link Title, 3 Path...

2.1CVSS5.5AI score0.00941EPSS
Exploits0References5Affected Software1
cvelist
cvelist
added 2012/12/03 9:0 p.m.26 views

CVE-2012-6065

The OM Maximenu module 6.x-1.43 and earlier for Drupal, when the "Title has PHP" option is enabled, allows remote authenticated users with the "Administer OM Maximenu" permission to execute arbitrary PHP code via a "Link Title," a different vulnerability than CVE-2012-5553...

7.1AI score0.0105EPSS
Exploits0References3
cve
cve
added 2012/12/03 9:0 p.m.45 views

CVE-2012-5553

CVE-2012-5553 relates to multiple XSS vulnerabilities in the Drupal OM Maximenu module. Affected software: OM Maximenu 6.x-1.x before 6.x-1.44 and 7.x-1.x before 7.x-1.44. The issue arises when authenticated users with the "administer OM Maximenu" permission can inject arbitrary web script or HTM...

2.1CVSS5.4AI score0.00941EPSS
Exploits0References5Affected Software1
cve
cve
added 2012/12/03 9:0 p.m.41 views

CVE-2012-6065

The CVE-2012-6065 vulnerability affects the Drupal OM Maximenu module (6.x-1.43 and earlier). When the “Title has PHP” option is enabled, remote authenticated users with the "Administer OM Maximenu" permission can trigger execution of arbitrary PHP code via a Link Title. This is a distinct issue ...

4.6CVSS7.3AI score0.0105EPSS
Exploits0References3Affected Software1
drupal
drupal
added 2012/11/07 12:0 a.m.23 views

SA-CONTRIB-2012-160 - OM Maximenu - Cross Site Scripting (XSS)

This module enables you to create custom menus with effects and integrate module blocks as it's menu item content. The module doesn't sufficiently state the risk of giving permission to create OM Maximenus. This vulnerability is mitigated by the fact that an attacker must have a role with the...

2.1CVSS6.1AI score0.00941EPSS
Exploits0References12
packetstorm
packetstorm
added 2011/08/23 12:0 a.m.19 views

Enform / Thecaryard SQL Injection

. . . | |/ |\ | \ ..\ | | //||| /\ | / \ / | | /\ | / / / / / / // / / Title : Site Designed enform Powered by thecaryard Multiple SQL Injection Vulnerabilities Vendor/Software : www.enform.co.nz & www.thecaryard.co.nz Author : kebumen cyber J feat R Contact : [email protected]...

0.3AI score
Exploits0
packetstorm
packetstorm
added 2011/07/19 12:0 a.m.75 views

Centralia SQL Injection

Exploit : Centralia Sql Injenction Date : 16 July 2011 Author : Netrondoank Version : n/a Googel DorK : inurl:showcat.asp?id= Home : www.indotek.or.id Email: [email protected] + Exploit 1 Centralia showcat.asp?/display.asp? Sql Injenction - http://site/showcat.asp?id=sqli -...

0.4AI score
Exploits0
cve
cve
added 2010/10/14 5:0 p.m.44 views

CVE-2010-3533

CVE-2010-3533 affects PeopleSoft Enterprise SCM OM and CRM Order Capture (Oracle PeopleSoft/JD Edwards), specifically in PeopleSoft versions 8.9, 9.0 and 9.1. The initial description identifies an unspecified vulnerability that allows remote authenticated users to compromise confidentiality and i...

5.5CVSS5.5AI score0.01436EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder