
7082 matches found

OSV
added 2020/01/22 6:15 a.m. | 3 views

CVE-2019-12490

An issue was discovered in Simple Machines Forum SMF before 2.0.16. Reverse tabnabbing can occur because of use of blank for external links...

CVSS 6.5 | AI score 5.8 | EPSS 0.01574
Exploits: 1 | References: 2

NVD
added 2020/01/22 6:15 a.m. | 24 views

CVE-2019-12490

An issue was discovered in Simple Machines Forum SMF before 2.0.16. Reverse tabnabbing can occur because of use of blank for external links...

CVSS 6.5 | AI score 7.1 | EPSS 0.01574
Exploits: 1 | References: 2

Prion
added 2020/01/22 6:15 a.m. | 17 views

Code injection

An issue was discovered in Simple Machines Forum SMF before 2.0.16. Reverse tabnabbing can occur because of use of blank for external links...

CVSS 4.3 | AI score 7 | EPSS 0.01574
Exploits: 1 | References: 2 | Affected Software: 1

Cvelist
added 2020/01/22 5:10 a.m. | 27 views

CVE-2019-12490

An issue was discovered in Simple Machines Forum SMF before 2.0.16. Reverse tabnabbing can occur because of use of blank for external links...

AI score 6.8 | EPSS 0.01574
Exploits: 1 | References: 2

CVE
added 2020/01/22 5:10 a.m. | 113 views

CVE-2019-12490

SMF contains a reverse tabnabbing flaw (CVE-2019-12490) in which external links opened with _blank can enable credential theft when a user visits a crafted site. Affected: Simple Machines Forum before 2.0.16. Root cause: improper handling of external links (target="_blank"). Impact documented as ...

CVSS 6.5 | AI score 6.4 | EPSS 0.01574
Exploits: 1 | References: 2 | Affected Software: 1

CNVD
added 2020/01/22 12:0 a.m. | 2 views

Simple Machines Forum (SMF) Reverse Tag Phishing Vulnerability

Simple Machines Forum is an open source Internet forum and message board program developed by Simple Machines. A reverse tag phishing vulnerability exists in Simple Machines Forum SMF versions prior to 2.0.16. The vulnerability stems from the use of blank for external links. An attacker can exploit...

CVSS 6.5 | AI score 6.8 | EPSS 0.01574
Exploits: 1 | References: 1

Hacker One
added 2020/01/20 9:46 p.m. | 43 views

Internet Bug Bounty: Squid as reverse proxy RCE and data leak

Summary: This was a very difficult experience as Squid maintainers took a long time to answer. I tried getting help from HackerOne support, Dropbox support and the Internet Bug Bounty never e-mailed me back to no avail. What could have taken a few days took months. The vulnerability concerns a...

AI score 7.6
Exploits: 0

Kitploit
added 2020/01/17 8:30 p.m. | 134 views

AntiCheat-Testing-Framework - Framework To Test Any Anti-Cheat

Framework to test any Anti-Cheat on the market. This can be used as Template or Code Base to test any Anti-Cheat and learn along the way. The entry level to reverse AntiCheats and Cheats is quite high, therefore, I'm releasing all the code I developed during my research. The main idea is to help...

AI score 7.5
Exploits: 0 | References: 1

GithubExploit
added 2020/01/17 5:7 p.m. | 129 views

Exploit for Improper Privilege Management in Centreon

CVE-2019-19699 Centreon =\ After logging in we navi...

CVSS 9 | AI score 7.5 | EPSS 0.27485
Exploits: 3

CERT
added 2020/01/14 12:0 a.m. | 35 views

Content Delivery Networks handle HTTP headers in different and unexpected ways

Overview A Content Delivery Network CDN is a distributed network of proxy servers that deliver web content collected from a back end web server using a temporary local storage called a cache. HTTP cache poisoning is a type of attack that allows a remote attacker to inject arbitrary content using...

AI score 6.6
Exploits: 0 | References: 8

Citrix
added 2020/01/10 12:0 a.m. | 8 views

Provisioning Services | Unable to Reverse Image A vDisk Using P2PVS, Getting "The Destination Disk Is Too Small"

Reverse imaging error - Unable to reverse image a vDisk using P2PVS getting "The destination Disk is too small"...

AI score 7
Exploits: 0

GithubExploit
added 2020/01/09 10:27 p.m. | 87 views

Exploit for Improper Access Control in Oracle Communications_Diameter_Signaling_Router

CVE-2019-2729 Exploit code for CVE-2019-2729 Oracle Weblogic r...

CVSS 9.8 | AI score 9.8 | EPSS 0.8883
Exploits: 11

OpenVAS
added 2020/01/09 12:0 a.m. | 17 views

Fedora Update for radare2 FEDORA-2019-e931422a81

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 7.8 | AI score 7.6 | EPSS 0.04414
Exploits: 2 | References: 2

exploitpack
added 2020/01/08 12:0 a.m. | 41 views

ASTPP VoIP 4.0.1 - Remote Code Execution

ASTPP VoIP 4.0.1 - Remote Code Execution Exploit Title: ASTPP VoIP 4.0.1 - Remote Code Execution Date: 2019-11-18 Exploit Author: Fabien AUNAY Vendor Homepage: https://www.astppbilling.org/ Software Link: https://github.com/iNextrix/ASTPP/tree/v4.0.1 Version: 4.0.1 vendor default setup script...

AI score 0.3
Exploits: 0

Packet Storm
added 2020/01/08 12:0 a.m. | 132 views

ASTPP VoIP 4.0.1 Remote Code Execution

Exploit Title: ASTPP VoIP 4.0.1 - Remote Code Execution Date: 2019-11-18 Exploit Author: Fabien AUNAY Vendor Homepage: https://www.astppbilling.org/ Software Link: https://github.com/iNextrix/ASTPP/tree/v4.0.1 Version: 4.0.1 vendor default setup script Tested on: Debian 9 - CentOS 7 CVE : - ASTPP...

AI score 0.3
Exploits: 0

0day.today
added 2020/01/08 12:0 a.m. | 92 views

ASTPP VoIP 4.0.1 - Remote Code Execution Vulnerability

Exploit Title: ASTPP VoIP 4.0.1 - Remote Code Execution Exploit Author: Fabien AUNAY Vendor Homepage: https://www.astppbilling.org/ Software Link: https://github.com/iNextrix/ASTPP/tree/v4.0.1 Version: 4.0.1 vendor default setup script Tested on: Debian 9 - CentOS 7 CVE : - ASTPP 4.0.1 VoIP Billi...

AI score 0.4
Exploits: 0

GithubExploit
added 2020/01/07 11:31 a.m. | 2 views

Fast8690-exploit

Sagemcom Fast 3890 exploit This exploit uses the Cable Haunt...

AI score 7.3
Exploits: 0

ATTACKERKB
added 2020/01/07 12:0 a.m. | 17 views

CVE-2020-5307

PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to SQL injection, as demonstrated by the username parameter in index.php, the category and CategoryCode parameters in add-category.php, the CompanyName parameter in add-company.php, and the ProductName and ProductPrice parameters in...

CVSS 9.8 | AI score 1.9 | EPSS 0.15652
Exploits: 1 | References: 3

Citrix
added 2020/01/07 12:0 a.m. | 7 views

Reverse Imaging with UEFI targets fail with error : "failed to write disk" while doing the reverse image from vdisk to volume

Description : Unable to create a new vDisk after performing reverse imaging to upgrade VM Ware Tools...

AI score 7
Exploits: 0

Hacker One
added 2020/01/05 2:58 a.m. | 7350 views

Concrete CMS: Remote Code Execution (Reverse Shell) - File Manager

Remote Code Execution Reverse Shell - File Manager • Title: concrete5-8.5.2 Remote Code Execution - Reverse Shell • Keyword: crayons • Software : concrete5 • Product Version: 8.5.2 • Vulnerability : Remote Code Execution - Reverse Shell • Vulnerable component: File Manager The attacker needs the...

AI score 7.8
Exploits: 0