Lucene search
K

541 matches found

OpenVAS
OpenVAS
added 2013/11/08 12:0 a.m.16 views

CentOS Update for gc CESA-2013:1500 centos6

Check for the Version of gc OpenVAS Vulnerability Test CentOS Update for gc CESA-2013:1500 centos6 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

5CVSS6.3AI score0.02766EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2013/11/05 12:0 a.m.21 views

RHEL 6 : gc (RHSA-2013:1500)

Updated gc packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...

5CVSS5.8AI score0.02766EPSS
Exploits1References3
Amazon
Amazon
added 2013/11/04 12:0 a.m.19 views

Medium: gc

Issue Overview: It was discovered that gc's implementation of the malloc and calloc routines did not properly perform parameter sanitization when allocating memory. If an application using gc did not implement application-level validity checks for the malloc and calloc routines, a remote attacker...

5CVSS7.8AI score0.02766EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2013/04/26 12:0 a.m.45 views

CMS Cameron McKenna 2013 Cross Site Scripting

+=============================================================================================+ + ©CMS Cameron McKenna 2013 Allow Execute Evil Remote Code + +=============================================================================================+ Authors: Ivan Sanchez & Raul DiazDshellnoi...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2013/04/19 12:0 a.m.30 views

Tienda Online CMS Cross Site Scripting

+=============================================================================================+ + Software Gestión GESIO & XSS & Allow Execute Evil Remote Code + +=============================================================================================+ Authors: Ivan Sanchez & Raul Diaz...

0.3AI score
Exploits0
OpenVAS
OpenVAS
added 2013/03/25 12:0 a.m.48 views

PragmaMX Multiple Cross-Site Scripting Vulnerabilities

PragmaMX is prone to multiple cross site scripting vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.3AI score0.01699EPSS
Exploits3References5
RedHat Linux
RedHat Linux
added 2013/01/24 6:7 p.m.7 views

Console: XSS in invoke operation

It was found that the parameters passed to operation invocations on the JMX console were not properly sanitized. Remote attackers could use this flaw to inject arbitrary web script or HTML into the JMX console...

4.3CVSS6.3AI score0.01794EPSS
Exploits0References4
0day.today
0day.today
added 2012/12/30 12:0 a.m.41 views

Ubiquiti AirOS <= 5.5.2 Remote POST-Auth Root Command Execution

Exploit for hardware platform in category remote exploits !/usr/bin/python +--------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : Ubiquiti AirOS 0x90.nl Software link :...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2012/09/17 12:0 a.m.48 views

Spiceworks 6.0.00993 Cross Site Scripting

!-- Title: Spiceworks 6.0.00993 Multiple Script Injection Vulnerabilities Vendor: Spiceworks Inc. Product web page: http://www.spiceworks.com Affected version: 6.0.00993 and 6.0.00966 Summary: The Spiceworks IT Desktop delivers nearly everything you need to simplify your IT job. Available in a...

7.4AI score
Exploits0
Atlassian
Atlassian
added 2012/09/10 4:14 a.m.60 views

The JIRA/Crowd applications fail to properly sanitize user input in the query string of the website or in the value of a parameter

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion|http://jira.atlassian.com/browse/JRASERVER-29640. panel We need to avoid Cross-site Scripting vulnerabilities. A function should be created to provide server side and client side inpu...

0.9AI score
Exploits0Affected Software1
Exploit DB
Exploit DB
added 2010/12/09 12:0 a.m.32 views

Joomla! Component JE Auto 1.0 - SQL Injection

JE Auto 1.0 SQL Injection Vulnerability Name JE Auto Vendor http://joomlaextensions.co.in/extensions/components/je-auto.html Versions Affected 1.0 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2010-12-09 X. INDEX I. ABO...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2010/10/21 12:0 a.m.31 views

Squirrelcart PRO 3.0.0 - Blind SQL Injection

Squirrelcart PRO 3.0.0 Blind SQL Injection Vulnerability Name Squirrelcart PRO Vendor http://www.squirrelcart.com Versions Affected 3.0.0 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2010-10-21 X. INDEX I. ABOUT THE...

7AI score
Exploits0
securityvulns
securityvulns
added 2010/07/18 12:0 a.m.51 views

RedShop 1.0.23.1 Joomla Component Blind SQL Injection Vulnerability

RedShop 1.0.23.1 Joomla Component Blind SQL Injection Vulnerability Name RedShop Vendor http://redweb.dk Versions Affected 1.0.23.1 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2010-07-13 X. INDEX I. ABOUT THE...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2008/02/25 12:0 a.m.27 views

packeteer-xss.txt

Packeteer Products File Listing XSS Product: Packeteer PacketShaper http://www.packeteer.com/products/packetshaper/ Packeteer PolicyCenter http://www.packeteer.com/products/packetshaper/policycenter.cfm The web management interface of several Packeteer products contains a cross-site scripting...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2006/09/01 12:0 a.m.22 views

iwebnegar11.txt

:: IwebNegar v1.1 Multiple vulnerabilities :: ------------------------------------------------ Software : IwebNegar v1.1 Website : ---- Bug Discover : Hessam-x / www.hessamx.net I. Cross Site Scripting Vulnerability ------------------------------------------------- Parameter "comment" are not...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2006/08/07 12:0 a.m.41 views

Barracuda Spam Firewall 3.3.03.053 - Remote Code Execution (1)

Title: Barracuda Arbitrary File Disclosure + Command Execution Severity: High Sensitive Information Disclosure Date: 01 August 2006 Version Affected: Barracuda Spam Firewall version 3.3.01.001 to 3.3.03.053 Discovered by: Greg Sinclair [email protected] Discovered on: 29 May 2006 Overview:...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2005/12/05 12:0 a.m.28 views

Hot Links SQL 3.x XSS vuln.

Hot Links SQL 3.x XSS vuln. Vuln. dicovered by : r0t Date: 5 dec. 2005 Orginal advisory:http://pridels.blogspot.com/2005/12/hot-links-sql-3x-xss-vuln.html vendor:http://www.mrcgiguy.com/hlsqldetails.shtml affected version:3.1.x and prior Product Description: irectory style index allows for easy...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2005/04/27 12:0 a.m.48 views

PHPCart - Input Validation

source: https://www.securityfocus.com/bid/13406/info PHPCart is prone to a remote input validation vulnerability. The issue exists because the software fails to sufficiently sanitize URI parameter data that is employed when computing product charges. A remote attacker may exploit this issue to...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2004/12/08 12:0 a.m.23 views

Kerio Personal Firewall 2.1.x/4.x - Local Denial of Service

source: https://www.securityfocus.com/bid/11859/info It is reported that the Kerio Personal Firewall KPF driver does not sufficiently sanitize API parameters that are received from API's that are hooked by KPF. When the KPF API hook handles certain parameter data it will fail. Reports indicate th...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2003/06/13 12:0 a.m.22 views

PostNuke 0.723 - Multiple Cross-Site Scripting Vulnerabilities

PostNuke 0.723 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/7898/info The PostNuke 'modules.php' script does not sufficiently sanitize data supplied via URI parameters, making it prone to cross-site scripting attacks. This could allow for execution of...

7AI score
Exploits0
Rows per page
Query Builder