Lucene search
K

33 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2011-4596

Malware in sbrugna...

5CVSS6.4AI score0.0116EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2011-4481

Malware in sbrugna...

4CVSS6.4AI score0.00962EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2011-4595

Malware in sbrugna...

7.5CVSS6.4AI score0.01383EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2011-4478

Malware in sbrugna...

4.3CVSS6.4AI score0.00921EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2011-4479

Malware in sbrugna...

5.8CVSS6.4AI score0.01034EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 5:46 a.m.10 views

CVE-2011-4677

One Click Orgs before 1.2.3 does not have an off autocomplete attribute for authentication fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation...

7.5CVSS7.2AI score0.01383EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:22 a.m.10 views

CVE-2011-4555

One Click Orgs before 1.2.3 does not require unique e-mail addresses for user accounts, which allows remote authenticated users to cause a denial of service login disruption or spoof votes or comments by selecting a conflicting e-mail address...

4CVSS6.6AI score0.00962EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:22 a.m.9 views

CVE-2011-4554

One Click Orgs before 1.2.3 allows remote authenticated users to trigger crafted SMTP traffic via 1 " double quote and newline characters in an org name or 2 " double quote characters in an e-mail address, related to a "2nd Order SMTP Injection" issue...

5.5CVSS6.7AI score0.00955EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:22 a.m.11 views

CVE-2011-4553

Multiple open redirect vulnerabilities in One Click Orgs before 1.2.3 allow 1 remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the returnto parameter, and allow 2 remote authenticated users to redirect users to arbitrary web sites and conduct phishing...

5.8CVSS6.9AI score0.01034EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 12:25 a.m.9 views

CVE-2011-4678

The password reset feature in One Click Orgs before 1.2.3 generates different error messages for failed reset attempts depending on whether the e-mail address is registered, which allows remote attackers to enumerate user accounts via a series of requests...

5CVSS7.2AI score0.0116EPSS
Exploits0References1
NVD
NVD
added 2011/12/06 11:55 a.m.19 views

CVE-2011-4677

One Click Orgs before 1.2.3 does not have an off autocomplete attribute for authentication fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation...

7.5CVSS6.8AI score0.01383EPSS
Exploits0References2
NVD
NVD
added 2011/12/06 11:55 a.m.15 views

CVE-2011-4554

One Click Orgs before 1.2.3 allows remote authenticated users to trigger crafted SMTP traffic via 1 " double quote and newline characters in an org name or 2 " double quote characters in an e-mail address, related to a "2nd Order SMTP Injection" issue...

5.5CVSS6.3AI score0.00955EPSS
Exploits0References2
NVD
NVD
added 2011/12/06 11:55 a.m.16 views

CVE-2011-4555

One Click Orgs before 1.2.3 does not require unique e-mail addresses for user accounts, which allows remote authenticated users to cause a denial of service login disruption or spoof votes or comments by selecting a conflicting e-mail address...

4CVSS6.3AI score0.00962EPSS
Exploits0References2
NVD
NVD
added 2011/12/06 11:55 a.m.18 views

CVE-2011-4678

The password reset feature in One Click Orgs before 1.2.3 generates different error messages for failed reset attempts depending on whether the e-mail address is registered, which allows remote attackers to enumerate user accounts via a series of requests...

5CVSS6.8AI score0.0116EPSS
Exploits0References2
NVD
NVD
added 2011/12/06 11:55 a.m.20 views

CVE-2011-4553

Multiple open redirect vulnerabilities in One Click Orgs before 1.2.3 allow 1 remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the returnto parameter, and allow 2 remote authenticated users to redirect users to arbitrary web sites and conduct phishing...

5.8CVSS6.5AI score0.01034EPSS
Exploits0References2
NVD
NVD
added 2011/12/06 11:55 a.m.14 views

CVE-2011-4552

Multiple cross-site scripting XSS vulnerabilities in One Click Orgs before 1.2.3 allow remote attackers to inject arbitrary web script or HTML via the description field of 1 a new vote or 2 the eject member proposal feature...

4.3CVSS5.8AI score0.00921EPSS
Exploits0References2
Prion
Prion
added 2011/12/06 11:55 a.m.13 views

Code injection

One Click Orgs before 1.2.3 does not require unique e-mail addresses for user accounts, which allows remote authenticated users to cause a denial of service login disruption or spoof votes or comments by selecting a conflicting e-mail address...

4CVSS6.8AI score0.00962EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2011/12/06 11:55 a.m.17 views

Design/Logic Flaw

The password reset feature in One Click Orgs before 1.2.3 generates different error messages for failed reset attempts depending on whether the e-mail address is registered, which allows remote attackers to enumerate user accounts via a series of requests...

5CVSS7.3AI score0.0116EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2011/12/06 11:55 a.m.13 views

Design/Logic Flaw

One Click Orgs before 1.2.3 does not have an off autocomplete attribute for authentication fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation...

7.5CVSS7.3AI score0.01383EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2011/12/06 11:55 a.m.11 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in One Click Orgs before 1.2.3 allow remote attackers to inject arbitrary web script or HTML via the description field of 1 a new vote or 2 the eject member proposal feature...

4.3CVSS6AI score0.00921EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder