Lucene search
K

254 matches found

CNVD
CNVD
added 2018/04/19 12:0 a.m.2 views

Google Android has an unspecified vulnerability (CNVD-2018-09753)

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA, and the Qualcomm SD 845 and SD 850 are central processing unit CPU products from Qualcomm. A security vulnerability exists in the Qualcomm closed-source component in Android, whic...

7.5CVSS6.9AI score0.00887EPSS
Exploits0References1
NVD
NVD
added 2018/04/18 2:29 p.m.13 views

CVE-2016-10494

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9625, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 425, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 800, ...

10CVSS8.7AI score0.01421EPSS
Exploits0References2
Prion
Prion
added 2018/04/18 2:29 p.m.13 views

Integer overflow

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, SD 808, and SD 810, in ADSP's QDI Root-PD driver, untrusted arguments from User PD may cause integer overflow resulting in buffer...

10CVSS8.7AI score0.01355EPSS
Exploits0References2
Prion
Prion
added 2018/04/18 2:29 p.m.19 views

Integer overflow

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9625, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 425, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 800, ...

10CVSS9.7AI score0.01421EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/04/18 2:0 p.m.23 views

CVE-2015-9118

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, SD 808, and SD 810, in ADSP's QDI Root-PD driver, untrusted arguments from User PD may cause integer overflow resulting in buffer...

10AI score0.01355EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/04/18 2:0 p.m.28 views

CVE-2016-10494

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9625, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 425, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 800, ...

9.8AI score0.01421EPSS
Exploits0References2
NVD
NVD
added 2018/04/11 3:29 p.m.16 views

CVE-2017-18143

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile SD 845, SD 850, on a secure device, PD dumps are collected when debugging is not enabled...

7.5CVSS7.8AI score0.00887EPSS
Exploits0References2
Prion
Prion
added 2018/04/11 3:29 p.m.10 views

Code injection

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile SD 845, SD 850, on a secure device, PD dumps are collected when debugging is not enabled...

5CVSS8AI score0.00887EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2014/03/08 12:0 a.m.19 views

E-Store 1.0 / 2.0 SQL Injection

Exploit Author: Nawaf Alkeraithe ====================================== for "E-store 1.0": Google Dork: "Powered by: PD" inurl:"page.php?id" Vulnerable page: http://target/page.php?id=SQL Injection ====================================== for "E-store 2.0": Google Dork: "Powered by: PD"...

0.1AI score
Exploits0
NVD
NVD
added 2013/04/19 11:44 a.m.15 views

CVE-2013-0129

Multiple cross-site scripting XSS vulnerabilities in pd-admin before 4.17 allow remote authenticated users to inject arbitrary web script or HTML via 1 the WebFTP Overview "Create new directory" field or 2 the body of an e-mail autoresponder message...

3.5CVSS5.4AI score0.00815EPSS
Exploits0References2
Prion
Prion
added 2013/04/19 11:44 a.m.9 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in pd-admin before 4.17 allow remote authenticated users to inject arbitrary web script or HTML via 1 the WebFTP Overview "Create new directory" field or 2 the body of an e-mail autoresponder message...

3.5CVSS5.6AI score0.00815EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2013/04/19 11:44 a.m.1 views

CVE-2013-0129

Multiple cross-site scripting XSS vulnerabilities in pd-admin before 4.17 allow remote authenticated users to inject arbitrary web script or HTML via 1 the WebFTP Overview "Create new directory" field or 2 the body of an e-mail autoresponder message...

3.5CVSS5.4AI score0.00815EPSS
Exploits0References3
CVE
CVE
added 2013/04/19 10:0 a.m.50 views

CVE-2013-0129

pd-admin before 4.17 is vulnerable to cross-site scripting (XSS) via two vectors: the WebFTP Overview “Create new directory” field and the body of an e-mail autoresponder message. The root cause is improper input handling that allows injection of arbitrary script/HTML. Impact stated across source...

3.5CVSS5.5AI score0.00815EPSS
Exploits0References2Affected Software1
CERT
CERT
added 2013/04/15 12:0 a.m.29 views

pd-admin contains cross-site scripting vulnerabilities

Overview pd-admin, a web interface for users of hosting providers, is susceptible to cross-site scripting XSS vulnerabilities. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' pd-admin, contains cross-site scripting XSS vulnerabilities. The...

3.5CVSS5.9AI score0.00815EPSS
Exploits0References3
0day.today
0day.today
added 2012/06/20 12:0 a.m.24 views

PROFESSIONAL DESIGNER - SQL Injection Vulnerability

Exploit for php platform in category web applications -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 x...

7.1AI score
Exploits0
0day.today
0day.today
added 2011/01/23 12:0 a.m.42 views

CultBooking 2.0.4 Multiple Vulnerabilities

Exploit for php platform in category web applications CultBooking 2.0.4 lang Local File Inclusion Vulnerability Vendor: Cultuzz Digital Media GmbH Product web page: http://www.cultuzz.com Affected version: 2.0.4 Summary: Open source hotel booking system Internet Booking Engine IBE. Via a central...

7.1AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2011/01/22 12:0 a.m.66 views

CultBooking 2.0.4 (cultbooking.php) Multiple XSS/PD Vulnerabilities

Summary Open source hotel booking system Internet Booking Engine IBE. Via a central api called CultSwitch it is possible to make bookings and set the actual availabilities in the hotels pms. This is easy to install and easy to integrate with full support. Description CultBooking Hotel Booking...

6.2AI score
Exploits0
Packet Storm
Packet Storm
added 2010/12/15 12:0 a.m.22 views

MantisBT 1.2.3 Cross Site Scripting / Path Disclosure

MantisBT =1.2.3 dbtype Cross-Site Scripting & Path Disclosure Vulnerability Vendor: MantisBT Group Product web page: http://www.mantisbt.org Version affected: 1.2.4 Summary: MantisBT is a free popular web-based bugtracking system. It is written in the PHP scripting language and works with MySQL, ...

7.4AI score
Exploits0
NVD
NVD
added 2010/03/16 7:30 p.m.12 views

CVE-2010-0977

PD PORTAL 4.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/db.mdb...

5CVSS6.3AI score0.01325EPSS
Exploits1References4
CVE
CVE
added 2010/03/16 7:0 p.m.37 views

CVE-2010-0977

PD PORTAL 4.0 is described as storing sensitive information under the web root with insufficient access control, enabling remote attackers to download the database file db.mdb via a direct request. The available sources confirm this vulnerability pattern but do not provide detailed exploit steps,...

5CVSS6.5AI score0.01325EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder