Lucene search
K

9 matches found

ATTACKERKB
ATTACKERKB
added 2009/06/22 8:30 p.m.1 views

CVE-2009-2165

SerendipityNZ aka SimpleBoxes Serene Bach 2.20R and earlier, and 3.00 beta023 and earlier 3.x versions, uses a predictable session id, which makes it easier for remote attackers to hijack sessions via a modified id...

7.5CVSS5.6AI score0.01402EPSS
Exploits0References6
NVD
NVD
added 2009/06/22 8:30 p.m.15 views

CVE-2009-2165

SerendipityNZ aka SimpleBoxes Serene Bach 2.20R and earlier, and 3.00 beta023 and earlier 3.x versions, uses a predictable session id, which makes it easier for remote attackers to hijack sessions via a modified id...

7.5CVSS6.6AI score0.01402EPSS
Exploits0References5
Prion
Prion
added 2009/06/22 8:30 p.m.11 views

Code injection

SerendipityNZ aka SimpleBoxes Serene Bach 2.20R and earlier, and 3.00 beta023 and earlier 3.x versions, uses a predictable session id, which makes it easier for remote attackers to hijack sessions via a modified id...

7.5CVSS7.1AI score0.01402EPSS
Exploits0References5Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2009/06/18 8:53 a.m.2 views

Predictable session ID vulnerability in Serene Bach

Overview Serene Bach from SerendipityNZ Limited contains a vulnerability in which it generates predictable session ID's. Serene Bach from SerendipityNZ Limited is a weblog management system. Serene Bach contains a vulnerability in which it generates predictable session ID's. Impact A remote...

7.5CVSS6.5AI score0.01402EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2009/06/08 12:0 a.m.29 views

JVN#20689557 Predictable session ID vulnerability in Serene Bach

Serene Bach from SerendipityNZ Limited is a weblog management system. Serene Bach contains a vulnerability in which it generates predictable session ID's. Impact A remote attacker could impersonate an administrator of Serene Bach. As a result, an attacker could obtain or alter information stored ...

7.5CVSS6.1AI score0.01402EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/05/20 3:0 p.m.2 views

Serene Bach cross-site scripting vulnerability

Overview Serene Bach, a weblog management tool from SerendipityNZ Limited, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Also, session information or credential information kept in a cookie could be leaked. Solution None...

6.8CVSS6.2AI score0.01695EPSS
Exploits0References10
Cvelist
Cvelist
added 2007/01/09 11:0 a.m.19 views

CVE-2007-0137

Cross-site scripting XSS vulnerability in SimpleBoxes/SerendipityNZ Serene Bach 2.05R and earlier, and 2.08D and earlier in the 2.08 series; and 2 sb 1.13D and earlier, and 1.18R and earlier in the 1.18 series; allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.7AI score0.01695EPSS
Exploits0References9
securityvulns
securityvulns
added 2007/01/05 12:0 a.m.71 views

[SA23623] Serene Bach Unspecified Cross-Site Scripting Vulnerability

TITLE: Serene Bach Unspecified Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA23623 VERIFY ADVISORY: http://secunia.com/advisories/23623/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Serene Bach 2.x http://secunia.com/product/13155/ Serene Bach sb 1...

0.3AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2007/01/05 12:0 a.m.39 views

JVN#65500885 Serene Bach cross-site scripting vulnerability

Impact An arbitrary script may be executed on the user's web browser. Also, session information or credential information kept in a cookie could be leaked. Solution Products Affected Serene Bach ver 2.05R and earlier Serene Bach ver 2.08D and earlier sb 1.13D and earlier sb 1.18R and earlier...

7AI score
Exploits0
Rows per page
Query Builder