Lucene search

26 matches found

Packet Storm
added 2017/08/24 12:0 a.m., 49 views

Trend Micro Hosted Email Security (HES) Interception / Insecure Direct Object Reference

Date: 24-Aug-2017 Product: Trend Micro Hosted Email Security HES Versions affected: Hosted Email Security before January 2012. Vulnerability: Two vulnerabilities were discovered. The first allowed any HES user to intercept in-transit emails through the Trend Micro Hosted Email Security cloud...

AI score: 7.4
Exploits: 0

Packet Storm
added 2017/04/06 12:0 a.m., 85 views

Moodle 2.4.10 / 2.5.6 / 2.6.3 / 2.7 Account Information Disclosure

https://www.osisecurity.com.au/moodle-url-manipulation-remote-account-information-disclosure.html Date: 04-Apr-2017 Product: Moodle Versions affected: 2.4.10, 2.5.6, 2.6.3, 2.7 and earlier. Vulnerability: Information disclosure. Example: /user/edit.php?id= reveals account owner name 1. Log in to...

AI score: 0.1
Exploits: 0

Packet Storm
added 2017/04/06 12:0 a.m., 46 views

iPlatinum iOneView Cross Site Scripting

https://www.osisecurity.com.au/iplatinum-ioneview-multiple-parameter-reflected-xss.html Date: 04-Apr-2017 Product: iPlatinum iOneView Versions affected: Unknown. Vulnerabilities: 1 Cross-site scripting: http://target/ioneview/admin/main.pl?cmd=alertdocument.cookie...

AI score: 7.4
Exploits: 0

Packet Storm
added 2017/04/04 12:0 a.m., 55 views

Trimble / Manhattan Software IWMS 9.x XXE Injection

https://www.osisecurity.com.au/manhattan-software-iwms-integrated-workplace-management-system-xml-external-entity-xxe-injection-file-disclosure.html Date: 04-Apr-2017 Product: Trimble / Manhattan Software IWMS integrated workplace management system Versions affected: 9.x Vulnerability: XML Extern...

AI score: 7.4
Exploits: 0

Packet Storm
added 2017/04/04 12:0 a.m., 43 views

Kaseya VSA 6.5.0.0 XSS / Brute Force

https://www.osisecurity.com.au/kaseya-parameter-reflected-xss-enumeration-and-bruteforce-weakness.html Date: 04-Apr-2017 Software: Kaseya Affected version: Kaseya VSA v6.5.0.0. Vulnerability details: 1. The "forgot password" function at https://target/access/logon.asp reveals whether a username i...

AI score: 7.4
Exploits: 0

Packet Storm
added 2017/04/04 12:0 a.m., 51 views

Kaseya VSA 9.02.00.04 Information Disclosure

https://www.osisecurity.com.au/kaseya-information-disclosure-vulnerability.html Date: 04-Apr-2017 Product: Kaseya VSA Versions affected: 9.02.00.04 Vulnerability: Installations of Kaseya contain the following installation page: https://target/install/kaseya.html When the product is installed, it...

AI score: 7.4
Exploits: 0

Packet Storm
added 2017/04/04 12:0 a.m., 55 views

SilverStripe CMS 3.1.9 Path Disclosure

https://www.osisecurity.com.au/silverstripe-cms---path-disclosure.html Date: 04-Apr-2017 Product: SilverStripe CMS Versions affected: 3.1.9 and below. Vulnerability: Path disclosure. Example URL: http://target/dev/build/ Path reported: /home/target/publichtml/framework/dev/DebugView.php...

AI score: 7.4
Exploits: 0

Packet Storm
added 2017/04/04 12:0 a.m., 64 views

Airwatch 6.1.x / 6.4.x LDAP Injection

https://www.osisecurity.com.au/airwatch-self-service-portal-username-parameter-ldap-injection.html Date: 04-Apr-2017 Product: AirWatch Self Service MDM Versions affected: v6.1.x v6.4.x Vulnerability: LDAP injection Example: https://target/DeviceManagement/ URL accepts the following POST parameter...

AI score: 7.4
Exploits: 0

Packet Storm
added 2017/04/04 12:0 a.m., 53 views

Tweek!DM Document Management Bypass / SQL Injection

https://www.osisecurity.com.au/tweekdm-document-management-authentication-bypass-sql-injection-vulnerabilities.html Date: 04-Apr-2017 Product: Tweek!DM Document Management Versions affected: Unknown Vulnerabilities: 1 Authentication bypass - the software sends a 301 Location redirect back to the...

AI score: 0.4
Exploits: 0

Packet Storm
added 2017/04/04 12:0 a.m., 51 views

AcoraCMS 7.0.0.6 Browser Redirect / Cross Site Scripting

https://www.osisecurity.com.au/acoracms-browser-redirect-and-cross-site-scripting-vulnerabilities.html Date: 04-Apr-2017 Product: AcoraCMS Versions affected: 7.0.0.6 known bugs from 6.0.6 are still present http://www.digitalsec.net/stuff/explt+advs/CM3.AcoraCMS.v6.txt. Vulnerabilities: 1 Arbitrar...

AI score: 7.4
Exploits: 0

Packet Storm
added 2017/04/04 12:0 a.m., 91 views

Inchoo Facebook Connect Cross Site Scripting

https://www.osisecurity.com.au/inchoo-facebook-connect-extension-for-magento-parameter-xss.html Date: 04-Apr-2017 Product: Inchoo Facebook Connect Magento Plugin Vulnerability: Reflected cross-site scripting. Details: Within ./app/code/community/Inchoo/Facebook/Block/Channel.php return 'isSecure ...

AI score: 7.4
Exploits: 0

Packet Storm
added 2017/04/04 12:0 a.m., 49 views

LanternCMS Cross Site Scripting / SQL Injection

https://www.osisecurity.com.au/lantern-cms-path-disclosure-sql-injection-reflected-xss.html Date: 04-Apr-2017 Product: LanternCMS Versions affected: Unknown Vulnerabilities: 1 Path disclosure By requesting a site with an invalid intSiteI or numRedirectCount:...

AI score: 0.2
Exploits: 0

Packet Storm
added 2017/04/04 12:0 a.m., 71 views

Avaya Radvision SCOPIA Desktop SQL Injection

https://www.osisecurity.com.au/avaya-radvision-scopia-desktop-dlgloginowneridjsp-ownerid-sql-injection.html Date: 04-Apr-2017 Product: Avaya Radvision SCOPIA Desktop Versions affected: v7.7.000.042 released in 2011 confirmed v8.2.101.046 released in 2013 confirmed Vulnerability: Blind SQL injectio...

AI score: 1.3
Exploits: 0

Packet Storm
added 2017/04/04 12:0 a.m., 95 views

Computer Associates (Layer7) API Gateway 7 / 8 / 9 CRLF Response Splitting / Directory Traversal

https://www.osisecurity.com.au/computer-associates-api-gateway-crlf-response-splitting-directory-traversal-vulnerabilities.html Date: 04-Apr-2017 Product: Computer Associates Layer7 API Gateway Versions affected: v7, v8, v9 Vulnerabilities: 1 CRLF Response Splitting...

AI score: 7.4
Exploits: 0

Packet Storm
added 2017/04/04 12:0 a.m., 354 views

SmartJobBoard 5.0.9 Cross Site Scripting / Information Disclosure

https://www.osisecurity.com.au/smartjobboard---cross-site-scripting-personal-information-disclosure-and-phpmailer-package.html Date: 04-Apr-2017 Product: SmartJobBoard Versions affected: v5.0.9 and below. Vulnerability: 1 Cross-site scripting vulnerabilities in the following locations and...

AI score: 10
EPSS: 0.99714
Exploits: 59

Packet Storm
added 2011/12/12 12:0 a.m., 52 views

Squiz Matrix User Account Enumeration

Squiz Matrix - User Account Enumeration http://www.osisecurity.com.au/advisories/squiz-matrix-user-enumeration Release Date: 12-Dec-2011 Software: Squiz - Matrix http://www.squiz.net/ "Squiz Matrix delivers highly flexible and robust business integration engine and application development tools. ...

AI score: 0.5
Exploits: 0

securityvulns
added 2011/12/12 12:0 a.m., 35 views

OSI Security: Squiz Matrix - User Account Enumeration

Squiz Matrix - User Account Enumeration http://www.osisecurity.com.au/advisories/squiz-matrix-user-enumeration Release Date: 12-Dec-2011 Software: Squiz - Matrix http://www.squiz.net/ "Squiz Matrix delivers highly flexible and robust business integration engine and application development tools. ...

AI score: 0.4
Exploits: 0

securityvulns
added 2011/07/26 12:0 a.m., 50 views

OSI Security: Elitecore Cyberoam UTM - Authenticated Cross-Site Scripting Vulnerability

Elitecore Cyberoam UTM - Authenticated Cross-Site Scripting Vulnerability http://www.osisecurity.com.au/advisories/cyberoam-authenticated-cross-site-scripting Release Date: 20-Jul-2011 Software: Elitecore Technologies - Cyberoam http://www.cyberoam.com/ "Cyberoam Unified Threat Management...

AI score: 6.2
Exploits: 0

Packet Storm
added 2011/07/20 12:0 a.m., 45 views

Elitecore Cyberoam UTM Cross Site Scripting

Elitecore Cyberoam UTM - Authenticated Cross-Site Scripting Vulnerability http://www.osisecurity.com.au/advisories/cyberoam-authenticated-cross-site-scripting Release Date: 20-Jul-2011 Software: Elitecore Technologies - Cyberoam http://www.cyberoam.com/ "Cyberoam Unified Threat Management...

AI score: 0.2
Exploits: 0

securityvulns
added 2011/06/19 12:0 a.m., 80 views

JFreeChart - Path Disclosure vulnerability

JFreeChart - Path Disclosure http://www.osisecurity.com.au/advisories/jfreechart-path-disclosure Release Date: 17-Jun-2011 Software: JFree.org - JFreeChart http://www.jfree.org/ "A free Java chart library. JFreeChart supports pie charts 2D and 3D, bar charts horizontal and vertical, regular and...

Exploits: 0