Lucene search
K

216 matches found

Prion
Prion
added 2014/08/07 11:13 a.m.11 views

Cross site scripting

Cross-site scripting XSS vulnerability in captcha-secureimage/test/index.php in the SI CAPTCHA Anti-Spam plugin 2.7.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

4.3CVSS6.2AI score0.02041EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2014/08/07 10:0 a.m.20 views

CVE-2014-5190

Cross-site scripting XSS vulnerability in captcha-secureimage/test/index.php in the SI CAPTCHA Anti-Spam plugin 2.7.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

5.8AI score0.02041EPSS
Exploits1References3
CVE
CVE
added 2014/08/07 10:0 a.m.36 views

CVE-2014-5190

The CVE-2014-5190 entry concerns the WordPress plugin SI CAPTCHA Anti-Spam (v2.7.4). The connected documents confirm a Cross-Site Scripting (XSS) vulnerability in captcha-secureimage/test/index.php that allows remote attackers to inject arbitrary web script or HTML via PATH_INFO. The practical im...

4.3CVSS5.9AI score0.02041EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2014/08/07 12:0 a.m.20 views

WordPress SI CAPTCHA Plugin <= 2.7.4 - XSS

Because of this vulnerability in captcha-secureimage/test/index.php, the attackers can inject arbitrary web script or HTML via the PATHINFO. Solution Update the plugin...

4.3CVSS2.8AI score0.02041EPSS
Exploits1References1Affected Software1
Packet Storm
Packet Storm
added 2014/08/03 12:0 a.m.24 views

WordPress SI CAPTCHA Cross Site Scripting

|||||||||||||||||||||||||||||||||||||||||||||||||| |-------------------------------------------------------------------------| | Exploit Title: Wordpress SI CAPTCHA Anti-Spam Plugin Cross site scripting | | Exploit Author: Ashiyane Digital Security Team | | Date : Date: 2014-08-02 | | Vendor...

Exploits0
xssed
xssed
added 2012/05/31 12:0 a.m.11 views

Unfixed XSS vulnerability at www.si-wifi.org

Security researcher shellc0de, has submitted on 31/05/2012 a cross-site-scripting XSS vulnerability affecting www.si-wifi.org, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 08/10/2012. It is currently...

6.6AI score
Exploits0References1
Packet Storm
Packet Storm
added 2009/09/11 12:0 a.m.42 views

WAP Push SI Impersonation

Security Advisory: Multiple Smartphones SMS Sender Obfuscation via WAP Push SI ------------------------------------------------------------------------------ Discovered by: Michael Mueller a.k.a. c0rnholio Contact: c0rnholio on domain netcologne.de Advisory Homepage:...

Exploits0
xssed
xssed
added 2007/03/15 12:0 a.m.13 views

Unfixed XSS vulnerability at www.zdob-si-zdub.com

Security researcher MaXWeL, has submitted on 15/03/2007 a cross-site-scripting XSS vulnerability affecting www.zdob-si-zdub.com, which at the time of submission ranked 730491 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 15/03/2007. It is...

6.6AI score
Exploits0References1
Prion
Prion
added 2006/03/15 5:6 p.m.26 views

Code injection

The ippushpendingframes function in Linux 2.4.x and 2.6.x before 2.6.16 increments the IP ID field when sending a RST after receiving unsolicited TCP SYN-ACK packets, which allows remote attackers to conduct an Idle Scan nmap -sI attack, which bypasses intended protections against such attacks...

5CVSS6.6AI score0.03426EPSS
Exploits0References28Affected Software1
securityvulns
securityvulns
added 2006/01/17 12:0 a.m.42 views

[Full-disclosure] Senao SI-7800H VoIP wireless phone wdbrpc debug service UDP/17185

I disclosed the following issue at ShmooCon 2006 http://www.shmoocon.org/ during my "VoIP Wireless Phone Security Analysis" presentation. Thanks, --scm =============================================================== DATE: 16 January, 2006 VENDOR: Senao VENDOR NOTIFIED: 7 December, 2005 PRODUCT:...

Exploits0
securityvulns
securityvulns
added 2006/01/17 12:0 a.m.58 views

Senao SI-7800H wireless VoIP phone multiple vulnerabilities

VxWorks debugger TCP/17185 access...

2.1AI score
Exploits0References1
NVD
NVD
added 2005/11/21 11:3 a.m.15 views

CVE-2005-3715

Senao SI-680H Wireless VoIP Phone Firmware 0.03.0839 leaves the VxWorks debugger UDP port 17185 available without authentication, which allows attackers to access the phone OS, obtain sensitive information, and cause a denial of service...

7.5CVSS6.6AI score0.0193EPSS
Exploits0References4
Cvelist
Cvelist
added 2005/11/21 11:0 a.m.24 views

CVE-2005-3715

Senao SI-680H Wireless VoIP Phone Firmware 0.03.0839 leaves the VxWorks debugger UDP port 17185 available without authentication, which allows attackers to access the phone OS, obtain sensitive information, and cause a denial of service...

6.6AI score0.0193EPSS
Exploits0References4
CVE
CVE
added 2005/11/21 11:0 a.m.41 views

CVE-2005-3715

CVE-2005-3715 affects Senao SI-680H Wireless VoIP Phone Firmware 0.03.0839. The issue stems from the VxWorks debugger UDP port 17185 being left open without authentication, which in turn allows an attacker to access the phone OS, potentially obtain sensitive information, and cause a denial of ser...

7.5CVSS7AI score0.0193EPSS
Exploits0References4Affected Software1
securityvulns
securityvulns
added 2005/11/17 12:0 a.m.45 views

[Full-disclosure] Senao SI-680H VoIP Wifi phone undocumented open port

I disclosed today the following vulnerability at the 32nd CSI conference in Washington, D.C. https://www.cmpevents.com/CSI32/a.asp?option=G&V=3&id=406438 Thanks, Shawn Merdinger =============================================================== VENDOR: Senao VENDOR NOTIFIED: 28 June, 2005 VENDOR...

7.3AI score
Exploits0
securityvulns
securityvulns
added 2005/11/17 12:0 a.m.49 views

Senao SI-680H wirieless Wi-Fi VoIP phones unauthorized access

VxWorks debugger is available with UDP/17185...

3AI score
Exploits0References1
Rows per page
Query Builder