Lucene search
K

7660 matches found

Tenable Nessus
Tenable Nessus
added 2020/01/15 12:0 a.m.28 views

openSUSE Security Update : rubygem-excon (openSUSE-2020-36)

This update for rubygem-excon fixes the following issues : CVE-2019-16779 boo1159342: Fix a race condition around persistent connections, where a connection, which was interrupted, would leave data on the socket. Subsequent requests would then read this data, returning content from the previous...

5.9CVSS5.8AI score0.014EPSS
Exploits0References2
WPVulnDB
WPVulnDB
added 2020/01/14 12:0 a.m.11 views

Real Estate 7 < 2.9.5 - Multiple Vulnerabilities

Multiple vulnerabilities was discovered in the 'Real Estate 7 WordPress', tested version — v2.9.4: - Unauthenticated Reflected XSS - Authenticated Persistent XSS - Authenticated Persistent Self-XSS - IDOR - Information Exposure Edit WPScanTeam: January 12th - Report Received & Envato Contacted...

6.5AI score
Exploits0References2Affected Software1
wpexploit
wpexploit
added 2020/01/14 12:0 a.m.111 views

Real Estate 7 < 2.9.5 - Multiple Vulnerabilities

Multiple vulnerabilities was discovered in the 'Real Estate 7 WordPress', tested version — v2.9.4: - Unauthenticated Reflected XSS - Authenticated Persistent XSS - Authenticated Persistent Self-XSS - IDOR - Information Exposure Edit WPScanTeam: January 12th - Report Received & Envato Contacted...

6.6AI score
Exploits0References2
NVD
NVD
added 2020/01/13 6:15 p.m.19 views

CVE-2019-20212

The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow Persistent XSS via the chat widget/page message form...

6.1CVSS6.1AI score0.02582EPSS
Exploits4References9
OSV
OSV
added 2020/01/13 6:15 p.m.3 views

CVE-2019-20211

The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow Persistent XSS via Listing Address, Listing Latitude, Listing Longitude, Email Address, Description, Name, Job or Position, Description, Service Name, Address, Latitude, Longitude, Phon...

6.1CVSS6.4AI score0.02582EPSS
Exploits4References9
NVD
NVD
added 2020/01/13 6:15 p.m.22 views

CVE-2019-20211

The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow Persistent XSS via Listing Address, Listing Latitude, Listing Longitude, Email Address, Description, Name, Job or Position, Description, Service Name, Address, Latitude, Longitude, Phon...

6.1CVSS6.1AI score0.02582EPSS
Exploits4References9
Prion
Prion
added 2020/01/13 6:15 p.m.18 views

Cross site scripting

The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow Persistent XSS via Listing Address, Listing Latitude, Listing Longitude, Email Address, Description, Name, Job or Position, Description, Service Name, Address, Latitude, Longitude, Phon...

4.3CVSS6AI score0.02582EPSS
Exploits4References9Affected Software3
Prion
Prion
added 2020/01/13 6:15 p.m.23 views

Cross site scripting

The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow Persistent XSS via the chat widget/page message form...

4.3CVSS6AI score0.02582EPSS
Exploits4References9Affected Software3
CVE
CVE
added 2020/01/13 5:44 p.m.85 views

CVE-2019-20212

CVE-2019-20212 affects WordPress themes CTHthemes CityBook (pre-2.3.4), TownHub (pre-1.0.6), and EasyBook (pre-1.2.2). The vulnerability is a Persistent XSS via the chat widget/page message form, allowing injected script to persist in user sessions. Red Hat and other sources corroborate the same ...

6.1CVSS5.9AI score0.02582EPSS
Exploits4References9Affected Software3
Cvelist
Cvelist
added 2020/01/13 5:44 p.m.21 views

CVE-2019-20212

The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow Persistent XSS via the chat widget/page message form...

6.1AI score0.02582EPSS
Exploits4References9
CVE
CVE
added 2020/01/13 5:39 p.m.85 views

CVE-2019-20211

The CVE-2019-20211 entry affects WordPress themes CTHthemes CityBook (&lt;2.3.4), TownHub (&lt;1.0.6), and EasyBook (

6.1CVSS5.9AI score0.02582EPSS
Exploits4References9Affected Software3
Cvelist
Cvelist
added 2020/01/13 5:39 p.m.18 views

CVE-2019-20211

The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow Persistent XSS via Listing Address, Listing Latitude, Listing Longitude, Email Address, Description, Name, Job or Position, Description, Service Name, Address, Latitude, Longitude, Phon...

6.2AI score0.02582EPSS
Exploits4References9
WPVulnDB
WPVulnDB
added 2020/01/13 12:0 a.m.12 views

Travel Booking < 2.7.8.6 - Reflected & Persistent XSS Issues

Reflected & Persistent XSS vulnerability was discovered in the 'Travel Booking WordPress Theme', tested version — v2.7.8.5 Edit WPScanTeam: January 11th, 2020 - Report received & Envato contacted January 12th, 2020 - Report updated with Reflected XSS, Envato notified again. January 12th, 2020 -...

6.2AI score
Exploits0References2Affected Software1
wpexploit
wpexploit
added 2020/01/13 12:0 a.m.34 views

Travel Booking < 2.7.8.6 - Reflected & Persistent XSS Issues

Reflected & Persistent XSS vulnerability was discovered in the 'Travel Booking WordPress Theme', tested version — v2.7.8.5 Edit WPScanTeam: January 11th, 2020 - Report received & Envato contacted January 12th, 2020 - Report updated with Reflected XSS, Envato notified again. January 12th, 2020 -...

0.1AI score
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2020/01/13 12:0 a.m.72 views

Security update for rubygem-excon (moderate)

openSUSE Security Update: Security update for rubygem-excon Announcement ID: openSUSE-SU-2020:0036-1 Rating: moderate References: 1159342 Cross-References: CVE-2019-16779 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for...

5.9CVSS5.5AI score0.014EPSS
Exploits0References1
Metasploit
Metasploit
added 2020/01/10 12:58 a.m.32 views

Install OpenSSH for Windows

This module installs OpenSSH server and client for Windows using PowerShell. SSH on Windows can provide pentesters persistent access to a secure interactive terminal, interactive filesystem access, and port forwarding over SSH. This module requires Metasploit: https://metasploit.com/download...

0.2AI score
Exploits0
wpexploit
wpexploit
added 2020/01/10 12:0 a.m.40 views

EasyBook < 1.2.2 - Multiple Vulnerabilities

Multiple vulnerabilities was discovered in the 'EasyBook – Directory & Listing WordPress Theme', tested version — v1.2.1: - Unauthenticated Reflected XSS - Authenticated Persistent XSS - IDOR December 27th, 2019 - Envato Contacted January 6th, 2020 - Envato Investigating January ??th, 2020 -...

6.4CVSS6.5AI score0.03243EPSS
Exploits7References1
WPVulnDB
WPVulnDB
added 2020/01/10 12:0 a.m.23 views

EasyBook < 1.2.2 - Multiple Vulnerabilities

Multiple vulnerabilities was discovered in the 'EasyBook – Directory & Listing WordPress Theme', tested version — v1.2.1: - Unauthenticated Reflected XSS - Authenticated Persistent XSS - IDOR December 27th, 2019 - Envato Contacted January 6th, 2020 - Envato Investigating January ??th, 2020 -...

6.4CVSS6.4AI score0.03243EPSS
Exploits7References1Affected Software1
NVD
NVD
added 2020/01/09 2:15 a.m.27 views

CVE-2020-5205

In Pow Hex package before 1.0.16, the use of Plug.Session in Pow.Plug.Session is susceptible to session fixation attacks if a persistent session store is used for Plug.Session, such as Redis or a database. Cookie store, which is used in most Phoenix apps, doesn't have this vulnerability...

6.5CVSS6.4AI score0.0077EPSS
Exploits0References3
Prion
Prion
added 2020/01/09 2:15 a.m.15 views

Session fixation

In Pow Hex package before 1.0.16, the use of Plug.Session in Pow.Plug.Session is susceptible to session fixation attacks if a persistent session store is used for Plug.Session, such as Redis or a database. Cookie store, which is used in most Phoenix apps, doesn't have this vulnerability...

5.5CVSS5.4AI score0.0077EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder