Lucene search
K

96 matches found

Prion
Prion
added 2018/06/11 3:29 p.m.18 views

Open redirect

A vulnerability in open build service allows remote attackers to gain access to source files even though source access is disabled. Affected releases are SUSE open build service up to and including version 2.1.15 for 2.1 and before version 2.3...

5CVSS7.4AI score0.01441EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2018/06/11 3:0 p.m.42 views

CVE-2011-4181

A vulnerability in open build service allows remote attackers to gain access to source files even though source access is disabled. Affected releases are SUSE open build service up to and including version 2.1.15 for 2.1 and before version 2.3...

7.5CVSS5.3AI score0.01441EPSS
Exploits0
Hacker One
Hacker One
added 2018/01/21 5:17 p.m.809 views

RubyGems: Cross-Domain JavaScript Source File Inclusion

The page includes one or more script files from a third-party domain. XSSI is a fancy way of saying: you are including in your program, someone elses code; You don't have any control over what is in that code, and you don't have any control over the security of the server on which it is hosted...

7AI score
Exploits0
CNVD
CNVD
added 2017/12/01 12:0 a.m.2 views

Arbitrary File Read Vulnerability in Hazardous Chemicals Public Security Management Information System of Guangzhou Zhongbao Digital Information Technology Co.

Ltd. is a high-tech enterprise engaged in information technology research and development, promotion and application, and technical support services in the field of software, hardware, Internet application technology and other information technology in the field of hazardous explosives-related...

6.9AI score
Exploits0
Hacker One
Hacker One
added 2017/05/18 9:48 p.m.16 views

Weblate: Self-XSS can be achieved in the editor link using filter bypass

Description I saw the fixed issue in the https://hackerone.com/reports/223692 and i think i found another filter bypass. I noticed that we actually can use special keywords like %branchs, %files and %lines. So XSS can be achieved in this way: %branchs:alert1;//https:// if the branch will be named...

6.3AI score
Exploits0
Hacker One
Hacker One
added 2016/10/04 11:28 p.m.563 views

ok.ru: web.xml configuration file disclosure

Several source files were accessible at .mycdn.me https://st.mycdn.me//WEB-INF/web.xml https://st.mycdn.me/WEB-INF/web.xml https://groupava1.mycdn.me/redirect.jsp https://groupava1.mycdn.me/index.jsp...

0.6AI score
Exploits0
Hacker One
Hacker One
added 2016/02/13 12:46 a.m.21 views

New Relic: Unauthorized Access

Summary of Findings ------------------------------- The remote server https://download.newrelic.com allowed unauthenticated access to special access files that are only intended to be accessible after contacting the New Relic program managers as seen below. Exploiting the...

0.4AI score
Exploits0
CNVD
CNVD
added 2015/05/07 12:0 a.m.5 views

Epicor CRS Retail Source File Manipulation Local Command Execution Vulnerability

Epicor CRS Retail is a retail solution. Epicor CRS Retail has a security vulnerability that allows a local attacker to edit program source files and execute arbitrary commands...

7.8CVSS7.2AI score0.00632EPSS
Exploits1References1
Oracle linux
Oracle linux
added 2015/04/15 12:0 a.m.60 views

java-1.6.0-openjdk security update

1:1.6.0.35-1.13.7.1 - Repackaged source files - Resolves: rhbz1209067 1:1.6.0.35-1.13.7.0 - Update to IcedTea 1.13.7 - Regenerate add-final-location-rpaths patch so as to be less disruptive. - Resolves: rhbz1209067...

10CVSS1.7AI score0.07224EPSS
Exploits1
Fedora
Fedora
added 2014/10/10 4:6 p.m.31 views

[SECURITY] Fedora 20 Update: ctags-5.8-16.fc20

Ctags generates an index or tag file of C language objects found in C source and header files. The index makes it easy for text editors or other utilities to locate the indexed items. Ctags can also generate a cross reference file which lists information about the various objects found in a set o...

5CVSS0.5AI score0.04276EPSS
Exploits1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

Moa Gallery <= 1.2.0 - Multiple Remote File Inclusion Vulnerabilities

No description provided by source. $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&...

7.1AI score
Exploits0
Oracle linux
Oracle linux
added 2013/02/27 12:0 a.m.64 views

php security, bug fix and enhancement update

5.3.3-22 - php-xml provides php-xmlreader and php-xmlwriter 874987 - fix possible NULL derefence and buffer overflow 879179 - fix zend garbage collector 848186, 868375 5.3.3-21 - fix CVE reference in previous changelog entry 5.3.3-20 - remove reproducer from security fix for CVE-2012-0781 5.3.3-1...

10CVSS0.1AI score0.10768EPSS
Exploits7
Fedora
Fedora
added 2012/02/15 11:29 a.m.25 views

[SECURITY] Fedora 15 Update: cvs-1.11.23-17.fc15

CVS Concurrent Versions System is a version control system that can record the history of your files usually, but not always, source code. CVS only stores the differences between versions, instead of every version of every file you have ever created. CVS also keeps a log of who, when, and why...

10CVSS1.1AI score0.08396EPSS
Exploits0
securityvulns
securityvulns
added 2011/08/17 12:0 a.m.106 views

[SECURITY] CVE-2011-2729: Commons Daemon fails to drop capabilities &#40;Apache Tomcat&#41;

CVE-2011-2729: Commons Daemon fails to drop capabilities Apache Tomcat Severity: Important Vendor: The Apache Software Foundation Versions Affected: Tomcat 7.0.0 to 7.0.19 Tomcat 6.0.30 to 6.0.32 Tomcat 5.5.32 to 5.5.33 Description: Due to a bug in the capabilities code, jsvc the service wrapper...

5CVSS1.8AI score0.07243EPSS
Exploits0
Apache Tomcat
Apache Tomcat
added 2011/08/11 12:0 a.m.52 views

Fixed in Apache Tomcat 7.0.20

Important: Information disclosure CVE-2011-2729 Due to a bug in the capabilities code, jsvc the service wrapper for Linux that is part of the Commons Daemon project does not drop capabilities allowing the application to access files and directories owned by superuser. This vulnerability only occu...

5CVSS4AI score0.07243EPSS
Exploits0Affected Software1
myhack58
myhack58
added 2011/01/11 12:0 a.m.23 views

Concave Yaya 4. 7 and following versions through the kill EXP-vulnerability warning-the black bar safety net

Description: 0. google : inurl:/otype. asp? classid= 1. Type the destination Station, no accident words will you wait a while,because you want to and other script timeout error,is recommended to drink tea. 2. Then the address bar type the following code, The JavaScript hijack it. 3. Refresh once,...

7.5AI score
Exploits0
Packet Storm
Packet Storm
added 2010/12/10 12:0 a.m.24 views

Sulata iSoft Local File Disclosure

========================================================= Sulata iSoft stream.php Local File Disclosure Exploit ========================================================= Exploit Title : Sulata iSoft developer by Rizwan Azam you look site.com/about.php Date : 10 December 2010 Author : Suddendeath...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2010/12/02 12:0 a.m.57 views

ProFTPd 1.3.3c - Compromised Source Backdoor Remote Code Execution

== ProFTPD Compromise Report == On Sunday, the 28th of November 2010 around 20:00 UTC the main distribution server of the ProFTPD project was compromised. The attackers most likely used an unpatched security issue in the FTP daemon to gain access to the server and used their privileges to replace...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2009/06/04 12:0 a.m.38 views

Blue Collar Productions iGallery 4.1 Plus File Download

Vendor Notified: 05/25/2009 Vulnerability Details: ------------------------------------------- Blue Collar Productions iGallery 4.1 Plus http://www.b-cp.com/igallery/default.asp is a commercial photo gallery script written in Classic ASP. There exists also a free version named iGallery 3.4. The...

Exploits0
CERT
CERT
added 2009/02/05 12:0 a.m.78 views

GoAhead WebServer information disclosure and authentication bypass vulnerabilities

Overview GoAhead WebServer contains vulnerabilities that may allow an attacker to view source files containing sensitive information or bypass authentication. The information disclosure vulnerability was previously published as VU975041. Description GoAhead WebServer contains vulnerabilities...

5CVSS6.4AI score0.13671EPSS
Exploits1References9
Rows per page
Query Builder