Lucene search
K

136 matches found

Cvelist
Cvelist
added 2019/10/31 3:28 p.m.26 views

CVE-2009-5043

burn allows file names to escape via mishandled quotation marks...

9.5AI score0.0123EPSS
Exploits0References1
CVE
CVE
added 2019/10/31 3:28 p.m.55 views

CVE-2009-5043

Technical details for CVE-2009-5043 are not publicly available in the provided connected documents. No affected products, versions, or remediation are specified here; monitor for updated advisories.

9.8CVSS9.3AI score0.0123EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2019/09/26 12:0 a.m.1 views

SQL Injection Vulnerability in Kaixin Quote System V2.0

Qixing Quotation System V2.0 is a general management system developed for material quotations. The Qixing Quotation System V2.0 suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...

7.6AI score
Exploits0
CNVD
CNVD
added 2019/09/26 12:0 a.m.1 views

Unauthorized Download Vulnerability in Kaixin Quote System

Qixing Quotation System V2.0 is a general management system developed for material quotations. Unauthorized download vulnerability exists in the Qixing Quotation System, which can be exploited by an attacker to obtain sensitive information by unauthorized downloading of sensitive files...

6.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/07/08 12:0 a.m.26 views

Fedora 30 : filezilla / libfilezilla (2019-7b9af09b17)

Bugfixes, and a security fix: Fixed vulnerabilities : Filenames containing double-quotation marks were not escaped correctly when selected for opening/editing. Depending on the associated program, parts of the filename could be interpreted as commands. Note that Tenable Network Security has...

5.5AI score
Exploits0References1
CNVD
CNVD
added 2018/05/29 12:0 a.m.3 views

EasyService Billing Cross-Site Request Forgery Vulnerability

EasyService Billing is a PHP-based service-oriented consumer business management system . A cross-site request forgery vulnerability exists in EasyService Billing version 1.0. A remote attacker can exploit this vulnerability to perform unauthorized operations with...

8.8CVSS6.9AI score0.02435EPSS
Exploits5References1
0day.today
0day.today
added 2018/05/29 12:0 a.m.37 views

EasyService Billing 1.0 - Cross-Site Request Forgery Vulnerability

Exploit for php platform in category web applications history.pushState'', '', '/' form action="http://test.com/EasyServiceBilling/quotation-new3-new2.php?add=true&id=139" method="P...

0.1AI score0.02435EPSS
Exploits6
Exploit DB
Exploit DB
added 2018/05/26 12:0 a.m.30 views

EasyService Billing 1.0 - Cross-Site Request Forgery

history.pushState'', '', '/' input type="hidden" nam...

8.8CVSS8.8AI score0.02435EPSS
Exploits6
exploitpack
exploitpack
added 2018/05/26 12:0 a.m.42 views

EasyService Billing 1.0 - Cross-Site Request Forgery

EasyService Billing 1.0 - Cross-Site Request Forgery history.pushState'', '', '/' input typ...

6.8CVSS0.3AI score0.02435EPSS
Exploits6
NVD
NVD
added 2018/05/25 12:29 p.m.22 views

CVE-2018-11442

A CSRF issue was discovered in EasyService Billing 1.0, which was triggered via a quotation-new3-new2.php?add=true&id= URI, as demonstrated by adding a new quotation...

8.8CVSS8.6AI score0.02435EPSS
Exploits5References2
OSV
OSV
added 2018/05/25 12:29 p.m.4 views

CVE-2018-11442

A CSRF issue was discovered in EasyService Billing 1.0, which was triggered via a quotation-new3-new2.php?add=true&id= URI, as demonstrated by adding a new quotation...

8.8CVSS5.8AI score0.02435EPSS
Exploits5References2
Prion
Prion
added 2018/05/25 12:29 p.m.16 views

Cross site request forgery (csrf)

A CSRF issue was discovered in EasyService Billing 1.0, which was triggered via a quotation-new3-new2.php?add=true&id= URI, as demonstrated by adding a new quotation...

6.8CVSS8.6AI score0.02435EPSS
Exploits5References2Affected Software1
CVE
CVE
added 2018/05/25 12:0 p.m.62 views

CVE-2018-11442

CVE-2018-11442 concerns a Cross‑Site Request Forgery in EasyService Billing 1.0. The vulnerability is triggered via the URI quotation-new3-new2.php?add=true&id= and can enable unauthorized actions on behalf of an authenticated user (CSRF in the quotation process). Several connected records descri...

8.8CVSS8.5AI score0.02435EPSS
Exploits5References2Affected Software1
Cvelist
Cvelist
added 2018/05/25 12:0 p.m.24 views

CVE-2018-11442

A CSRF issue was discovered in EasyService Billing 1.0, which was triggered via a quotation-new3-new2.php?add=true&id= URI, as demonstrated by adding a new quotation...

8.6AI score0.02435EPSS
Exploits5References2
Packet Storm
Packet Storm
added 2018/05/22 12:0 a.m.24 views

EasyService Billing 1.0 SQL Injection / Cross Site Scripting

------------------- Exploit 1 of 2: Exploit Title: EasyService Billing 1.0 - 'template.php' SQL Injection / Cross-Site Scripting Dork: N/A Date: 22.05.2018 Exploit Author: Azkan Mustafa AkkuA AkkuS Vendor Homepage:...

0.5AI score
Exploits0
Cisco Threats
Cisco Threats
added 2017/11/13 12:31 p.m.16 views

Threat Outbreak Alert RuleID30923: Email Messages Distributing Malicious Software on November 13, 2017

Medium Alert ID: 55882 First Published: 2017 November 13 12:31 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID30923 may contain the following files: Name |...

0.1AI score
Exploits0
Cisco Threats
Cisco Threats
added 2017/09/18 2:18 p.m.10 views

Threat Outbreak Alert RuleID30637: Email Messages Distributing Malicious Software on September 18, 2017

Medium Alert ID: 55318 First Published: 2017 September 18 14:18 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID30637 may contain the following files: Name ...

6.9AI score
Exploits0
Cisco Threats
Cisco Threats
added 2017/05/30 6:46 p.m.14 views

Threat Outbreak Alert RuleID29302: Email Messages Distributing Malicious Software on May 29, 2017

Medium Alert ID: 53991 First Published: 2017 May 30 18:46 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID29302 may contain the following files: Name | Size...

0.4AI score
Exploits0
Cisco Threats
Cisco Threats
added 2017/05/23 3:6 p.m.12 views

Threat Outbreak Alert RuleID29243: Email Messages Distributing Malicious Software on May 23, 2017

Medium Alert ID: 53929 First Published: 2017 May 23 15:06 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID29243 may contain the following files: Name | Size...

0.2AI score
Exploits0
Cisco Threats
Cisco Threats
added 2017/05/12 3:43 p.m.16 views

Threat Outbreak Alert RuleID29125: Email Messages Distributing Malicious Software on May 12, 2017

Medium Alert ID: 53824 First Published: 2017 May 12 15:43 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID29125 may contain the following files: Name | Size...

0.3AI score
Exploits0
Rows per page
Query Builder