Lucene search
K

613 matches found

Tenable Nessus
Tenable Nessus
added 2012/06/04 12:0 a.m.16 views

Fedora 17 : moodle-2.2.3-1.fc17 (2012-8284)

CVE-2012-2353 MSA-12-0024: Hidden information access issue CVE-2012-2354 MSA-12-0025: Personal communication access issue CVE-2012-2355 MSA-12-0026: Quiz capability issue CVE-2012-2356 MSA-12-0027: Question bank capability issues CVE-2012-2357 MSA-12-0028: Insecure authentication issue...

6.5CVSS5.4AI score0.0169EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2012/04/26 5:15 a.m.1 views

OSQA vulnerable to cross-site scripting

Overview OSQA The Open Source Q system contains a cross-site scripting vulnerability. OSQA is an open source question and answer system. OSQA contains a cross-site scripting vulnerability. Kousuke Ebihara reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Informati...

4.3CVSS6AI score0.01161EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2012/03/19 7:55 p.m.3 views

CVE-2012-1464

Dashboard Server for NetMechanica NetDecision before 4.6.1 allows remote attackers to obtain the installation path via a request with a trailing "?" character, which causes Dashboard to attempt to access a non-existent resource. NOTE: some of these details are obtained from third party informatio...

5CVSS5.6AI score0.03368EPSS
Exploits1References11
The Hacker News
The Hacker News
added 2011/10/17 6:31 p.m.3 views

Miley Cyrus Needs A Lecture on Cyber Security

Miley Cyrus Needs A Lecture on Cyber Security The man, who is currently facing up to 121 years behind bars, has been charged with 26 counts of identity theft, wire-tapping and unauthorised access to protected computer.Chaney, who has been in contact with TMZ for the last two years, has contacted...

7.2AI score
Exploits0
NVD
NVD
added 2011/03/02 8:0 p.m.22 views

CVE-2011-0051

Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, does not properly handle certain recursive eval calls, which makes it easier for remote attackers to force a user to respond positively to a dialog question, as demonstrated by a question about granting privileges...

6.8CVSS6.2AI score0.01823EPSS
Exploits1References8
Cvelist
Cvelist
added 2011/03/02 7:0 p.m.23 views

CVE-2011-0051

Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, does not properly handle certain recursive eval calls, which makes it easier for remote attackers to force a user to respond positively to a dialog question, as demonstrated by a question about granting privileges...

9.4AI score0.01823EPSS
Exploits1References8
UbuntuCve
UbuntuCve
added 2011/03/02 12:0 a.m.44 views

CVE-2011-0051

Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, does not properly handle certain recursive eval calls, which makes it easier for remote attackers to force a user to respond positively to a dialog question, as demonstrated by a question about granting privileges...

6.8CVSS7.2AI score0.01823EPSS
Exploits1References3
Packet Storm
Packet Storm
added 2011/03/01 12:0 a.m.24 views

Question And Answer Forum 1.2.4 Cross Site Scripting

Vulnerability ID: HTB22861 Reference: http://www.htbridge.ch/advisory/xssinquestionandanswerforumwordpressplugin.html Product: Question and Answer Forum wordpress plugin Vendor: David Woodford hhttp://trevorpythag.co.uk Vulnerable Version: 1.2.4 Vendor Notification: 15 February 2011 Vulnerability...

0.2AI score
Exploits0
htbridge
htbridge
added 2011/02/15 12:0 a.m.33 views

Cross-site Scripting (XSS) Vulnerability in Question and Answer Forum

High-Tech Bridge SA Security Research Lab has discovered vulnerability in Question and Answer Forum WordPress plugin which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Question and Answer Forum The vulnerability exists due to input...

4.3CVSS6AI score
Exploits0Affected Software1
NVD
NVD
added 2010/11/09 1:0 a.m.24 views

CVE-2010-4213

The Bank of America application 2.12 for Android stores a security question's answer in cleartext, which might allow physically proximate attackers to obtain sensitive information by reading application data...

4.3CVSS6.1AI score0.00905EPSS
Exploits0References3
Prion
Prion
added 2010/11/09 1:0 a.m.15 views

Security feature bypass

The Bank of America application 2.12 for Android stores a security question's answer in cleartext, which might allow physically proximate attackers to obtain sensitive information by reading application data...

4.3CVSS6.6AI score0.00905EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2010/11/08 11:0 p.m.26 views

CVE-2010-4213

The Bank of America application 2.12 for Android stores a security question's answer in cleartext, which might allow physically proximate attackers to obtain sensitive information by reading application data...

6.1AI score0.00905EPSS
Exploits0References3
Metasploit
Metasploit
added 2010/09/27 1:31 p.m.60 views

Windows MessageBox

Spawns a dialog via MessageBox using a customizable title, text & icon This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 231 include Msf::Payload::Windows include Msf::Payload::Singl...

7.3AI score
Exploits0
Prion
Prion
added 2010/07/12 1:27 p.m.19 views

Cross site scripting

Cross-site scripting XSS vulnerability in the twbkwbis.PSecurityQuestion aka Change Security Question page in SunGard Banner Student System 7.4 allows remote attackers to inject arbitrary web script or HTML via the New Question field...

4.3CVSS6.1AI score0.00845EPSS
Exploits0References2Affected Software1
myhack58
myhack58
added 2010/04/24 12:0 a.m.17 views

oask question Answering System v2. 0 0day-vulnerability warning-the black bar safety net

Post a oask question and answer system 0day latest version http://127.0.0.1/admin/index.asp The background configuration file, in the Administrator's mailbox of written word a"%%eval request"a"'...

0.9AI score
Exploits0
NVD
NVD
added 2010/02/11 5:30 p.m.16 views

CVE-2010-0614

SQL injection vulnerability in ajax.php in evalSMSI 2.1.03 allows remote attackers to execute arbitrary SQL commands via the query parameter in the 1 question action, and possibly the 2 subpar or 3 numquest actions...

7.5CVSS8.4AI score0.01199EPSS
Exploits1References7
Prion
Prion
added 2010/01/28 8:30 p.m.14 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in staff/index.php in Kayako SupportSuite 3.60.04 and earlier allow remote authenticated users to inject arbitrary web script or HTML via the 1 subject parameter and 2 contents parameter aka body in an insertquestion action. NOTE: some of these...

3.5CVSS5.7AI score0.0103EPSS
Exploits1References6Affected Software2
NVD
NVD
added 2009/09/08 10:30 a.m.16 views

CVE-2008-7171

Multiple cross-site scripting XSS vulnerabilities in Lightweight news portal LNP 1.0b allow remote attackers to inject arbitrary web script or HTML via the 1 photo parameter to showphoto.php, 2 potd parameter to showpotd.php, or 3 the Current question field in a vote action to admin.php...

4.3CVSS5.8AI score0.01445EPSS
Exploits1References4
Prion
Prion
added 2009/09/08 10:30 a.m.21 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Lightweight news portal LNP 1.0b allow remote attackers to inject arbitrary web script or HTML via the 1 photo parameter to showphoto.php, 2 potd parameter to showpotd.php, or 3 the Current question field in a vote action to admin.php...

4.3CVSS6AI score0.01445EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2009/09/08 10:0 a.m.16 views

CVE-2008-7171

Multiple cross-site scripting XSS vulnerabilities in Lightweight news portal LNP 1.0b allow remote attackers to inject arbitrary web script or HTML via the 1 photo parameter to showphoto.php, 2 potd parameter to showpotd.php, or 3 the Current question field in a vote action to admin.php...

5.8AI score0.01445EPSS
Exploits1References4
Rows per page
Query Builder