Lucene search
K

33 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.36 views

SimpleRisk 20130915-01 - Multiple Vulnerabilities

No description provided by source. 1. Advisory Information Title: SimpleRisk v.20130915-01 CSRF-XSS Account Compromise Advisory ID: RS-2013-0001 Date Published: 2013-09-30 2. Vulnerability Information Type: Cross-Site Request Forgery CSRF CWE-352, OWASP-A8, Cross-Site Scripting XSS CWE-79, OWASP-...

6.8CVSS6.5AI score0.01987EPSS
Exploits7
NVD
NVD
added 2014/05/12 2:55 p.m.16 views

CVE-2013-5749

Cross-site scripting XSS vulnerability in management/prioritizeplanning.php in SimpleRisk before 20130916-001 allows remote attackers to inject arbitrary web script or HTML via the newproject parameter...

4.3CVSS5.6AI score0.01457EPSS
Exploits6References2
NVD
NVD
added 2014/05/12 2:55 p.m.34 views

CVE-2013-5748

Cross-site request forgery CSRF vulnerability in management/prioritizeplanning.php in SimpleRisk before 20130916-001 allows remote attackers to hijack the authentication of users for requests that add projects via an addproject action...

6.8CVSS7AI score0.01987EPSS
Exploits6References2
Prion
Prion
added 2014/05/12 2:55 p.m.16 views

Cross site scripting

Cross-site scripting XSS vulnerability in management/prioritizeplanning.php in SimpleRisk before 20130916-001 allows remote attackers to inject arbitrary web script or HTML via the newproject parameter...

4.3CVSS6.1AI score0.01457EPSS
Exploits6References2Affected Software1
Prion
Prion
added 2014/05/12 2:55 p.m.17 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in management/prioritizeplanning.php in SimpleRisk before 20130916-001 allows remote attackers to hijack the authentication of users for requests that add projects via an addproject action...

6.8CVSS7.5AI score0.01987EPSS
Exploits6References2Affected Software1
CVE
CVE
added 2014/05/12 2:0 p.m.59 views

CVE-2013-5749

CVE-2013-5749 describes a cross-site scripting (XSS) vulnerability in SimpleRisk, specifically in management/prioritize_planning.php, exploitable via the new_project parameter. It affects SimpleRisk versions before 20130916-001, enabling remote attackers to inject arbitrary web script/HTML. The c...

4.3CVSS5.8AI score0.01457EPSS
Exploits6References2Affected Software1
Cvelist
Cvelist
added 2014/05/12 2:0 p.m.42 views

CVE-2013-5748

Cross-site request forgery CSRF vulnerability in management/prioritizeplanning.php in SimpleRisk before 20130916-001 allows remote attackers to hijack the authentication of users for requests that add projects via an addproject action...

7AI score0.01987EPSS
Exploits6References2
Cvelist
Cvelist
added 2014/05/12 2:0 p.m.33 views

CVE-2013-5749

Cross-site scripting XSS vulnerability in management/prioritizeplanning.php in SimpleRisk before 20130916-001 allows remote attackers to inject arbitrary web script or HTML via the newproject parameter...

5.6AI score0.01457EPSS
Exploits6References2
CVE
CVE
added 2014/05/12 2:0 p.m.48 views

CVE-2013-5748

CVE-2013-5748 refers to a CSRF vulnerability in SimpleRisk’s management/prioritize_planning.php prior to version 20130916-001, which allows remote attackers to hijack user sessions for actions such as adding projects via add_project. The underlying issue is a Cross-Site Request Forgery that enabl...

6.8CVSS7.1AI score0.01987EPSS
Exploits6References2Affected Software1
0day.today
0day.today
added 2013/10/01 12:0 a.m.61 views

SimpleRisk 20130915-01 - Multiple Vulnerabilities

Exploit for php platform in category web applications 1. Advisory Information Title: SimpleRisk v.20130915-01 CSRF-XSS Account Compromise Advisory ID: RS-2013-0001 Date Published: 2013-09-30 2. Vulnerability Information Type: Cross-Site Request Forgery CSRF CWE-352, OWASP-A8, Cross-Site Scripting...

6.8CVSS6.5AI score0.01987EPSS
Exploits7
Packet Storm
Packet Storm
added 2013/09/30 12:0 a.m.46 views

SimpleRisk 20130915-01 Cross Site Request Forgery / Cross Site Scripting

Advisory Information Title: SimpleRisk v.20130915-01 CSRF-XSS Account Compromise Advisory ID: RS-2013-0001 Date Published: 2013-09-30 2. Vulnerability Information Type: Cross-Site Request Forgery CSRF CWE-352, OWASP-A8, Cross-Site Scripting XSS CWE-79, OWASP-A3 Impact: Full Account Compromise...

6.8CVSS0.01987EPSS
Exploits7
Exploit DB
Exploit DB
added 2013/09/30 12:0 a.m.44 views

SimpleRisk 20130915-01 - Multiple Vulnerabilities

Advisory Information Title: SimpleRisk v.20130915-01 CSRF-XSS Account Compromise Advisory ID: RS-2013-0001 Date Published: 2013-09-30 2. Vulnerability Information Type: Cross-Site Request Forgery CSRF CWE-352, OWASP-A8, Cross-Site Scripting XSS CWE-79, OWASP-A3 Impact: Full Account Compromise...

6.8CVSS6.5AI score0.01987EPSS
Exploits7
exploitpack
exploitpack
added 2013/09/30 12:0 a.m.45 views

SimpleRisk 20130915-01 - Multiple Vulnerabilities

SimpleRisk 20130915-01 - Multiple Vulnerabilities 1. Advisory Information Title: SimpleRisk v.20130915-01 CSRF-XSS Account Compromise Advisory ID: RS-2013-0001 Date Published: 2013-09-30 2. Vulnerability Information Type: Cross-Site Request Forgery CSRF CWE-352, OWASP-A8, Cross-Site Scripting XSS...

6.8CVSS0.4AI score0.01987EPSS
Exploits7
Rows per page
Query Builder