24 matches found
CVE-2024-6545
The Admin Trim Interface plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.5.1. This is due to the plugin utilizing bootstrap and leaving test files with display_errors on. This makes it possible for unauthenticated attackers to retrieve the full pa...
IBM Cloud Pak for Business Automation Code Issue Vulnerability
IBM Cloud Pak for Business Automation is a modular set of integrated software components from International Business Machines (IBM), built for any hybrid cloud, designed to automate work and accelerate business growth. IBM Cloud Pak for Business Automation suffers from a server-side request forgery...
CVE-2023-35896 IBM Content Navigator server-side request forgery
IBM Content Navigator 3.0.13 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 259247...
Design/Logic Flaw
Insecure job execution mechanism vulnerability. This vulnerability can lead to other attacks as a result...
CVE-2023-40061 Insecure Job Execution Mechanism Vulnerability
Insecure job execution mechanism vulnerability. This vulnerability can lead to other attacks as a result...
SolarWinds Platform Input Validation Error Vulnerability
SolarWinds Platform is a unified monitoring, observability, and service management platform from U.S.-based SolarWinds, Inc. An input validation error vulnerability exists in SolarWinds Platform that stems from the presence of an insecure job execution mechanism vulnerability that could lead to...
CVE-2023-37500
A Persistent Cross-site Scripting (XSS) vulnerability can be carried out on certain pages of Unica Platform. An attacker could hijack a user's session and perform other attacks...
IBM Sterling Partner Engagement Manager Server-Side Request Forgery Vulnerability
IBM Sterling Partner Engagement Manager is an automation management tool from IBM U.S.A. A server-side request forgery vulnerability exists in IBM Sterling Partner Engagement Manager, which stems from the product's failure to properly validate user input and could be exploited by an authenticated...
Server-side request forgery (SSRF)
IBM Jazz Foundation products are vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 192434...
Multiple Cross-Site Scripting Vulnerabilities in Geeklog IVYWE
Geeklog is an open source content management system (CMS). Multiple cross-site scripting vulnerabilities exist in Geeklog IVYWE. Because the program fails to properly handle user-supplied input, an attacker could exploit the vulnerabilities to execute arbitrary script code in a trusted user's...
Redmine Cross-Site Scripting Vulnerability
Redmine is a set of open source Web-based project management and defect tracking tools. A cross-site scripting vulnerability exists in Redmine. An attacker can exploit this vulnerability to execute arbitrary script code, steal cookie-based authentication and launch other attacks...
IDevSpot iSupport 1.8 Index.PHP Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/19964/info IDevSupport iSupport is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue could allow an attacker to compromise the application and...
common solutions csphonebook 1.02 'index.php' Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/30485/info The 'csphonebook' program from common solutions is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitra...
ac4p Mobile polls.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/20895/info Mobile is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execu...
Meet#Web 0.8 modules.php root_path Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/30673/info MeetWeb is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the...
OBLOG 'err.asp' Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/33416/info OBLOG is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
Belkin Wireless Router - Default WPS PIN Security
source: https://www.securityfocus.com/bid/57128/info Belkin Wireless Router is prone to a security vulnerability that may allow attackers to generate a default WPS PIN. Successfully exploiting this issue may allow attackers to generate the default WPS PIN. This may lead to other attacks. Belkin...
Portable Document Format - Specification Signature Collision
source: https://www.securityfocus.com/bid/42377/info The Portable Document Format (PDF) specification is prone to a signature-collision attack when signing PDF documents. An attacker can exploit this issue to create PDF documents containi...
Apple Safari RSS Feed Information Disclosure Vulnerability
The host is running Apple Safari web browser which is prone to remote file access vulnerability. OpenVAS Vulnerability Test $Id: gbapplesafariinfodiscvuln.nasl 4865 2016-12-28 16:16:43Z teissa $ Apple Safari RSS Feed Information Disclosure Vulnerability Authors: Nikita MR Copyright: Copyright c...