
613 matches found

Cisco Threats
added 2014/04/16 9:41 p.m., 6 views

Threat Outbreak Alert: Fake Profile Question Response Email Messages on April 16, 2014

Medium. Alert ID: 33823. First Published: 2014 April 16 21:41 GMT. Version: 1. Summary: Cisco Security has detected significant activity related to Italian-language spam email messages that claim to contain an answer to a question regarding profile information for the recipient. The text in the email...

AI score: 0.4
Exploits: 0
NVD
added 2014/03/24 2:20 p.m., 23 views

CVE-2014-2571

Cross-site scripting (XSS) vulnerability in the quiz_question_tostring function in mod/quiz/editlib.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote authenticated users to inject arbitrary web script or HTML via a quiz question...

CVSS: 3.5, AI score: 5.1, EPSS: 0.00967
Exploits: 0, References: 3
CVE
added 2014/03/22 1:0 a.m., 47 views

CVE-2014-2571

Moodle is affected by CVE-2014-2571 due to an XSS in quiz_question_tostring in mod/quiz/editlib.php. The vulnerability affects Moodle up to 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2, allowing remote authenticated users to inject arbitrary script/HTML via a quiz questi...

CVSS: 3.5, AI score: 5.2, EPSS: 0.00967
Exploits: 0, References: 3, Affected Software: 1
NVD
added 2014/03/05 4:37 p.m., 11 views

CVE-2014-2235

Cross-site scripting (XSS) vulnerability in Askbot before 0.7.49 allows remote attackers to inject arbitrary web script or HTML via vectors related to the question search form...

CVSS: 4.3, AI score: 5.6, EPSS: 0.01925
Exploits: 1, References: 5
seebug.org
added 2014/01/15 12:0 a.m., 18 views

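Several stored XSS issues in the latest version of Tongda OA

Brief description: Several stored XSS issues in the latest version of Tongda OA. Details: Tested version: download of Tongda OA 2013 Enhanced Edition, 125MB. Download URL: http://www.tongda2000.com/download/2013adv.php, updated 2013-12-26 13:30. 1. Stored XSS in the post content when posting in the discussion forum. 2. Stored XSS when editing in source-code mode while answering an "OA Zhidao" question. Proof of vulnerability: img src="https://images.seebug.org/upload...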

AI score: 7.1
Exploits: 0
Prion
added 2013/11/26 5:25 a.m., 13 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in mod/quiz/report/responses/responsestable.php in Moodle through 2.2.11, 2.3.x before 2.3.10, 2.4.x before 2.4.7, and 2.5.x before 2.5.3 allows remote authenticated users to inject arbitrary web script or HTML via an answer to a text-based quiz question...

CVSS: 3.5, AI score: 5.7, EPSS: 0.00998
Exploits: 1, References: 3, Affected Software: 1
Exploit DB
added 2013/06/17 12:0 a.m., 45 views

SPBAS Business Automation Software 2012 - Multiple Vulnerabilities

SPBAS Business Automation Software- XSS & CSRF Vulnerability Date: 16 June 2013 Author: Christy Philip Mathew - www.offcon.org Vendor or Software Link: http://www.spbas.com Version: 2012 1.XSS Vulnerability a Client Area - My Info - Update the first name and last name to john" b Update the securi...

AI score: 7
Exploits: 0
0day.today
added 2013/06/17 12:0 a.m., 41 views

SPBAS Business Automation Software XSS & CSRF Vulnerability

Exploit for php platform in category web applications SPBAS Business Automation Software- XSS & CSRF Vulnerability Date: 16 June 2013 Author: Christy Philip Mathew - www.offcon.org Vendor or Software Link: http://www.spbas.com Version: 2012 1.XSS Vulnerability a Client Area - My Info - Update the...

AI score: 7.1
Exploits: 0
Packet Storm
added 2013/06/17 12:0 a.m., 48 views

SPBAS Business Automation Software 2012 XSS / CSRF

SPBAS Business Automation Software- XSS & CSRF Vulnerability Date: 16 June 2013 Author: Christy Philip Mathew - www.offcon.org Vendor or Software Link: http://demo.spbas.com Version: 2012 1.XSS Vulnerability a Client Area - My Info - Update the first name and last name to john" b Update the...

AI score: 0.6
Exploits: 0
myhack58
added 2013/03/24 12:0 a.m., 14 views

Apple ID vulnerability: the security question can be bypassed to change the password directly - vulnerability warning - the black bar safety net

Prerequisite: know the victim's Apple ID and the registered date of birth. Steps: First step: log in at https://iforgot.apple.com/iForgot/iForgot.html, fill in the specified Apple ID, click Next. Second step: select the authentication method "answer the security question", click Next...

AI score: 0.1
Exploits: 0
0day.today
added 2013/03/22 12:0 a.m., 21 views

WordPress IndiaNIC FAQs Manager Plugin 1.0 - Multiple Vulnerabilities

IndiaNIC FAQ Settings Page is vulnerable for CSRF. The Ask Question area front-end is vulnerable for XSS. It is possible to insert alert1 in question parameter. The Captcha value can be read from captcha parameter hidden field =================== We don't need the captcha Image when we have this ...

AI score: 6.9
Exploits: 0
exploitpack
added 2013/03/22 12:0 a.m., 17 views

WordPress Plugin IndiaNIC FAQs Manager 1.0 - Multiple Vulnerabilities

WordPress Plugin IndiaNIC FAQs Manager 1.0 - Multiple Vulnerabilities alert1 in question parameter. The Captcha value can be read from captcha parameter hidden field Part of Ask Question form =================== We don't need the captcha Image when we have this xD Request from Ask Question area X...

AI score: 0.7
Exploits: 0
Exploit DB
added 2013/03/22 12:0 a.m., 19 views

WordPress Plugin IndiaNIC FAQs Manager 1.0 - Multiple Vulnerabilities

alert1 in question parameter. The Captcha value can be read from captcha parameter hidden field Part of Ask Question form =================== We don't need the captcha Image when we have this xD Request from Ask Question area XSS in question parameter POST /wordpress/wp-admin/admin-ajax.php HTTP...

AI score: 7.4
Exploits: 0
Packet Storm
added 2013/03/22 12:0 a.m., 19 views

WordPress IndiaNIC FAQS Manager 1.0 XSS / CSRF

alert1 in question parameter. The Captcha value can be read from captcha parameter hidden field Part of Ask Question form =================== We don't need the captcha Image when we have this xD Request from Ask Question area XSS in question parameter POST /word...

AI score: 0.6
Exploits: 0
0day.today
added 2012/11/16 12:0 a.m., 42 views

friendsinwar FAQ Manager (view_faq.php, question param) SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: friendsinwar FAQ Manager SQL Injection URL Vulnerability Date: 16.11 2012 Exploit Author: unsuprise Vendor Homepage: http://www.friendsinwar.com Software Link:http://www.friendsinwar.com/scriptdemo/thefaqmanager/ Tested on:...

AI score: 7.1
Exploits: 0
myhack58
added 2012/10/27 12:0 a.m., 13 views

Anwsion (v1.1-Beta4) injection vulnerability - vulnerability warning - the black bar safety net

apphomemain.php8 5: public function exploreaction // Omitted........... By. Rices - Forum: T00ls.Net - Blog: Rices. so if $GET'category' if isnumeric$GET'category' //It is said before there can also be the injection so is isnum.. $categoryinfo = $this-model'system'-getcategoryinfo$GET'category'; ...

AI score: 1.2
Exploits: 0
NVD
added 2012/07/21 3:38 a.m., 12 views

CVE-2012-2356

The question-bank functionality in Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authenticated users to bypass intended capability requirements and save questions via a save_question action...

CVSS: 4, AI score: 5.9, EPSS: 0.01414
Exploits: 0, References: 2
OSV
added 2012/07/21 3:38 a.m., 2 views

UBUNTU-CVE-2012-2356

The question-bank functionality in Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authenticated users to bypass intended capability requirements and save questions via a save_question action...

CVSS: 4, AI score: 5.8, EPSS: 0.01414
Exploits: 0, References: 3
Cvelist
added 2012/07/21 1:0 a.m., 23 views

CVE-2012-2356

The question-bank functionality in Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authenticated users to bypass intended capability requirements and save questions via a save_question action...

AI score: 5.9, EPSS: 0.01414
Exploits: 0, References: 2
CVE
added 2012/07/21 1:0 a.m., 48 views

CVE-2012-2356

Summary of CVE-2012-2356 Affected: Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3. Issue: remote authenticated users can bypass intended capability requirements in the question-bank feature and save questions via a save_question action. Root cause: not explicitly detailed in the provided docume...

CVSS: 4, AI score: 6, EPSS: 0.01414
Exploits: 0, References: 2, Affected Software: 1