Lucene search
K

14 matches found

EUVD
EUVD
โ€ขadded 2025/10/03 8:7 p.m.โ€ข5 views

EUVD-2024-53538

Malicious code in bioql PyPI...

7.3CVSS6.6AI score0.00293EPSS
Exploits0References3
RedhatCVE
RedhatCVE
โ€ขadded 2025/05/23 7:41 a.m.โ€ข6 views

CVE-2024-55470

Oqtane Framework 6.0.0 is vulnerable to Incorrect Access Control. By manipulating the entityid parameter, attackers can bypass passcode validation and successfully log into the application or access restricted data without proper authorization. The lack of server-side validation exacerbates the...

7.5CVSS6.7AI score0.00447EPSS
Exploits0References1
Packet Storm News
Packet Storm News
โ€ขadded 2025/05/13 12:0 a.m.โ€ข4 views

Optimized Couplings for Watermarking Large Language Models

Large-language models LLMs are now able to produce text that is, in many cases, seemingly indistinguishable from human-generated content. This has fueled the development of watermarks that imprint a signal'' in LLM-generated text with minimal perturbation of an LLM's output. This paper provides a...

6.9AI score
Exploits0
Vulnrichment
Vulnrichment
โ€ขadded 2025/02/10 12:0 a.m.โ€ข4 views

CVE-2024-57177

A host header injection vulnerability exists in the NPM package of perfood/couch-auth = 0.21.2. By sending a specially crafted host header in the email change confirmation request, it is possible to trigger a SSTI which can be leveraged to run limited commands or leak server-side information...

7.2AI score0.00293EPSS
Exploits0References2
Cvelist
Cvelist
โ€ขadded 2025/02/10 12:0 a.m.โ€ข9 views

CVE-2024-57177

A host header injection vulnerability exists in the NPM package of perfood/couch-auth = 0.21.2. By sending a specially crafted host header in the email change confirmation request, it is possible to trigger a SSTI which can be leveraged to run limited commands or leak server-side information...

0.00293EPSS
Exploits0References2
NVD
NVD
โ€ขadded 2023/11/21 7:15 p.m.โ€ข12 views

CVE-2023-20272

A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to upload malicious files to the web root of the application. This vulnerability is due to insufficient file input validation. An attacker could exploit this...

8.8CVSS0.00888EPSS
Exploits0References1
Prion
Prion
โ€ขadded 2023/11/21 7:15 p.m.โ€ข17 views

Input validation

A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to upload malicious files to the web root of the application. This vulnerability is due to insufficient file input validation. An attacker could exploit this...

6.5CVSS7.2AI score0.00888EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
โ€ขadded 2023/11/15 12:0 a.m.โ€ข3 views

PT-2023-7110 ยท Cisco ยท Cisco Identity Services Engine

Name of the Vulnerable Software and Affected Versions: Cisco Identity Services Engine affected versions not specified Description: The issue is related to insufficient file input validation in the web-based management interface, allowing an authenticated, remote attacker to upload malicious files...

8.8CVSS8.5AI score0.00888EPSS
Exploits0References4
Huntr
Huntr
โ€ขadded 2021/09/29 1:17 a.m.โ€ข12 views

Exposure of Sensitive Information to an Unauthorized Actor in blair2004/nexopos-4x

Description Unhandled exception leads to exposure of server side and sql query information. Proof of Concept 1. Go to demo page http://v4.nexopos.com and login using demo account 2. Go to Customer - Create coupon and try to create a coupon without entering coupon code leave it empty 3. See that t...

7.3AI score
Exploits0
Hacker One
Hacker One
โ€ขadded 2020/02/20 8:40 a.m.โ€ข278 views

Razer: Reflected XSS on molpay.com with cloudflare bypass

The tester discovered a reflected XSS vulnerability on molpay.com which could allow an adversary to steal client side information such as a cookie. Razer Fintech thanks the tester for his clear report and PoC. Follow brutelogic for amazing bypass tips. Thank you for bounty @razer ๐Ÿ™...

2.6AI score
Exploits0
Cvelist
Cvelist
โ€ขadded 2008/02/19 10:0 p.m.โ€ข23 views

CVE-2007-6319

Multiple unspecified vulnerabilities in Lyris ListManager 8.x before 8.95d, 9.2 before 9.2c, and 9.3 before 9.3b allow remote attackers to 1 gain list administrator privileges or 2 access arbitrary mailing lists via unknown vectors related to modification of client-side information; and 3 allow...

6.8AI score0.02566EPSS
Exploits0References6
OpenVAS
OpenVAS
โ€ขadded 2005/11/03 12:0 a.m.โ€ข10 views

Horde and IMP test disclosure

The remote server is running Horde and/or IMP with test scripts available from the outside. The scripts may leak server-side information that is valuable to an attacker. OpenVAS Vulnerability Test $Id: hordetestdisclosure.nasl 6056 2017-05-02 09:02:50Z teissa $ Description: Horde and IMP test...

0.1AI score
Exploits0
OpenVAS
OpenVAS
โ€ขadded 2005/11/03 12:0 a.m.โ€ข18 views

Horde Information Disclosure Vulnerability (Nov 2005) - Active Check

Horde is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2004 Sverre H. Huseby Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

6.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
โ€ขadded 2003/05/12 12:0 a.m.โ€ข19 views

Horde test.php Direct Reqest Information Disclosure

The remote server is running Horde or a related project along with one or more test scripts. These scripts may leak server-side information that is valuable to an attacker. %NASLMINLEVEL 70300 This script was written by Sverre H. Huseby See the Nessus Scripts License for details Changes by Tenabl...

5.5AI score
Exploits0
Rows per page
Query Builder