Lucene search
+L

8 matches found

euvd
euvd
added 2025/10/07 12:30 a.m.10 views

EUVD-2020-8972

Malware in sbrugna...

6.5CVSS4.6AI score0.01897EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2025/06/03 12:0 a.m.2 views

PT-2025-31396 · 'Реак Софт' · Esia-Bridge

Уязвимость шлюза интеграции с ЕСИА ESIA-Bridge связана с обходом аутентификации посредством спуфинга. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, раскрыть защищаемую информацию путём перенаправления пользователя на специально сформированную HTML-страницу...

9.4CVSS7.3AI score
Exploits0References2
nessus
nessus
added 2025/03/06 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2024-7020

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Autofill in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted HTML page...

4.3CVSS6.3AI score0.00265EPSS
Exploits1References2
bdu_fstec
bdu_fstec
added 2023/06/25 12:0 a.m.5 views

The vulnerability of the Grafana data visualization web tool, related to bypassing authentication through spoofing, allows attackers to gain full access to the user account.

The vulnerability of the Grafana data visualization web tool is related to the ability to bypass authentication through spoofing. Exploiting this vulnerability can allow a malicious actor to gain full access to the user account...

9.7CVSS7.8AI score0.04094EPSS
Exploits0References5Affected Software3
wpexploit
wpexploit
added 2020/09/10 12:0 a.m.28 views

Email Subscribers & Newsletters < 4.5.6 - Unauthenticated email forgery/spoofing

It allows a remote unauthenticated attacker to send forged emails to all recipients from the available lists of contacts or subscribers, with complete control over the content and subject of the email. POST /wp-admin/admin-ajax.php HTTP/1.1 Host: example.com Content-Type:...

5CVSS2.4AI score0.01634EPSS
Exploits2References2
packetstorm
packetstorm
added 2008/09/24 12:0 a.m.24 views

adnforums-insecure.txt

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- adnforum eNYe-Sec - www.enye-sec.org Cookie is base64 based and the ascii format used is: user:23ed4e45887ad4311ff654bd4aab6540:user:0 user:md5 pass:user:0 Programmer forgot to check the pass and only use the nick to autenticate the user...

7.4AI score
Exploits0
packetstorm
packetstorm
added 2004/01/27 12:0 a.m.18 views

malwareSpoof.txt

Tuesday, January 27, 2004 Trivial file spoofing in Internet Explorer 6.0.2800.1106 and all of 'its' patches to date on WIN XP probably others: Content-Disposition: attachment; filename=malware.3050f4d8-98B5- 11CF-BB82-00AA00BDCE0Bfunballgitespiethrow%2Empeg" Absolute bare minimum working demo...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2002/03/07 12:0 a.m.68 views

mtr 0.45, 0.46

Few days ago, a new version of mtr has been released. Authors wrote in CHANGELOG, that they fixed a non-exploitable buffer overflow. In fact, this vulnerability is very easly exploitable and allows attacker to gain access to raw socket, which makes possible ip spoofing and other malicious network...

0.5AI score
Exploits0
Rows per page
Query Builder