CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Filip Hejsek discovered that phpCAS was using HTTP headers to determine the service URL used to validate tickets. A remote attacker could possibly use this issue to gain access to a victim's account on a vulnerable CASified service. This security update introduces an incompatible API change. Afte...

8CVSS6.4AI score0.00989EPSS

Exploits0References2

Tenable Nessus•added 2024/07/24 12:0 a.m.•23 views

Ubuntu 20.04 LTS / 22.04 LTS : phpCAS vulnerability (USN-6913-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6913-1 advisory. Filip Hejsek discovered that phpCAS was using HTTP headers to determine the service URL used to validate tickets. A remote attacker could possibly use...

8CVSS7.5AI score0.00989EPSS

Exploits0References2

UbuntuCve•added 2010/10/07 9:0 p.m.•17 views

CVE-2010-3690

Multiple cross-site scripting XSS vulnerabilities in phpCAS before 1.1.3, when proxy mode is enabled, allow remote attackers to inject arbitrary web script or HTML via 1 a crafted Proxy Granting Ticket IOU PGTiou parameter to the callback function in client.php, 2 vectors involving functions that...

4.3CVSS6AI score0.01041EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by