Lucene search
K

21 matches found

NVD
NVD
added 2025/11/12 10:15 p.m.5 views

CVE-2025-64482

Tuleap is an Open Source Suite to improve management of software developments and collaboration. Tuleap Community Edition prior to version 16.13.99.1762267347 and Tuleap Enterprise Edition prior to versions 17.01-, 16.13-6, and 16.12-9 don't have cross-site request forgery protections in the file...

4.6CVSS0.00135EPSS
Exploits0References4
0day.today
0day.today
added 2024/09/11 12:0 a.m.342 views

VICIdial 2.14-917a SQL Injection Vulnerability

An unauthenticated attacker can leverage a time-based SQL injection vulnerability in VICIdial version 2.14-917a to enumerate database records. By default, VICIdial stores plaintext credentials within the database. Title: VICIdial Unauthenticated SQL Injection Publication URL:...

9.8CVSS7.9AI score0.80023EPSS
Exploits10
Huntr
Huntr
added 2021/11/02 2:6 a.m.40 views

OS Command Injection in ohmyzsh/ohmyzsh

Description In Oh My Zsh, there is a function called omzurldecode, which is used to decode URLs. Since this function is using eval with user inputs without any sanitization, it's possible to inject arbitrary commands into the eval context, which allows an attacker to achieve the command injection...

5.1CVSS0.4AI score0.00598EPSS
Exploits0
Hacker One
Hacker One
added 2019/10/09 10:52 a.m.47 views

8x8: Publicly accessible .svn repository - aastraconf.packet8.net

The server contained artifacts from an old SVN repository. The files were removed...

2.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/08/07 12:0 a.m.13 views

SVN Repository Detected

The web server on the remote host allows read access to files within a '.svn' directory exposing files tracked inside. This potential flaw can be used to access content from the web server that might otherwise be private & permit download of the source code of listed pages hosted on the remote...

7.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/04/24 10:14 p.m.9 views

watkyn.svnrepository.com Improper Access Control vulnerability

Open Bug Bounty ID: OBB-608039 Description| Value ---|--- Affected Website:| watkyn.svnrepository.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| IAC Improper Access Control / CWE-284 CVSSv3 Score:| 6.5...

0.1AI score
Exploits0
ThreatPost
ThreatPost
added 2017/11/17 4:50 p.m.38 views

Multiple Vulnerabilities in LibXL Library Open Door to RCE Attacks

Researchers have identified seven vulnerabilities in the LibXL C library, used to read Excel files. Each of the vulnerabilities are rated 8.8 in severity on the Common Vulnerability Scoring System scale. Attackers could exploit each of the vulnerabilities and perform remote code execution attacks...

6.8CVSS3.4AI score0.02771EPSS
Exploits9References9
Hacker One
Hacker One
added 2015/06/23 6:1 p.m.174 views

Pornhub: Publicly exposed SVN repository, ht.pornhub.com

After I found the subversion repository I visited the following location https://netreact.eu/hubtraffic I could see the usernames in the repo and the following weak credentials gave me access: stefan:123456 An attacker can commit code to this location which could be mirrored on the main site and...

7.8AI score
Exploits0
Hacker One
Hacker One
added 2014/04/17 6:35 a.m.163 views

Yahoo!: readble .htaccess + Source Code Disclosure (+ .SVN repository)

Thank you for your submission to the Yahoo Bug Bounty program. We were able to reproduce the issue you reported and have implemented appropriate fixes. We appreciate your adherence to responsible disclosure guidelines and look forward to your future participation in the program...

6.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/03/07 12:0 a.m.38 views

CentOS 5 / 6 : subversion (CESA-2014:0255)

Updated subversion packages that fix three security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity rating...

7.8CVSS7.6AI score0.11052EPSS
Exploits0References5
Kitploit
Kitploit
added 2013/02/23 1:0 a.m.12 views

[BlindElephant] Web Application Fingerprinting

During Black Hat USA 2010 , Patrick Thomas presented a new web application fingerprinting tool called Blind Elephant. The BlindElephant Web Application Finger-printer attempts to discover the version of a known web application by comparing static files at known locations against precomputed hashe...

7.2AI score
Exploits0
Packet Storm
Packet Storm
added 2012/11/13 12:0 a.m.55 views

OpenVAS Command Injection

OpenVAS Security Advisory OVSA20121112 Date: 12th November 2012 Product: OpenVAS Manager Risk: Medium Summary It has been identified that OpenVAS Manager is vulnerable to command injection due to insufficient validation of user supplied data when processing OMP requests. It has been identified th...

7.5CVSS0.3AI score0.03052EPSS
Exploits2
0day.today
0day.today
added 2010/11/15 12:0 a.m.41 views

eoCMS 0.9 nightly Mullti Vulnerability

Exploit for php platform in category web applications ====================================== eoCMS 0.9 nightly Mullti Vulnerability ====================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/...

7.1AI score
Exploits0
0day.today
0day.today
added 2010/09/26 12:0 a.m.17 views

SkyBlueCanvas [1.1 r248] SVN repository Vulnerability

Exploit for php platform in category web applications 0day.today 2018-01-10...

7.1AI score
Exploits0
OpenVAS
OpenVAS
added 2008/08/22 12:0 a.m.37 views

Python Multiple Vulnerabilities (Windows)

The host is installed with Python, which is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodpythonmultvulnwin900105.nasl 7174 2017-09-18 11:48:08Z asteins $ Description: Python Multiple Vulnerabilities Windows Authors: Sharath S Copyright: Copyright C 2008 SecPod,...

7.5CVSS0.4AI score0.04493EPSS
Exploits6References3
OpenVAS
OpenVAS
added 2008/08/22 12:0 a.m.37 views

Python Multiple Vulnerabilities (Linux)

The host is installed Python, which is prone to multiple vulnerabilities. This NVT has been replaced by NVT gbCESA-20091176pythoncentos5i386.nasl OID:1.3.6.1.4.1.25623.1.0.880881, gbCESA-20091178pythoncentos3i386.nasl OID:1.3.6.1.4.1.25623.1.0.880715. OpenVAS Vulnerability Test $Id:...

7.5CVSS0.4AI score0.04493EPSS
Exploits6References3
OpenVAS
OpenVAS
added 2008/08/22 12:0 a.m.29 views

Apache HTTP Server 'mod_proxy_ftp' Wildcard Characters XSS Vulnerability

Apache HTTP Server is prone to a cross-site scripting vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

4.3CVSS7.4AI score0.38953EPSS
Exploits4References5
UbuntuCve
UbuntuCve
added 2007/12/14 8:46 p.m.22 views

CVE-2007-6350

scponly 4.6 and earlier allows remote authenticated users to bypass intended restrictions and execute code by invoking dangerous subcommands including 1 unison, 2 rsync, 3 svn, and 4 svnserve, as originally demonstrated by creating a Subversion SVN repository with malicious hooks, then using svn ...

8.5CVSS6.3AI score0.04362EPSS
Exploits0References1
Prion
Prion
added 2007/12/14 8:46 p.m.19 views

Design/Logic Flaw

scponly 4.6 and earlier allows remote authenticated users to bypass intended restrictions and execute code by invoking dangerous subcommands including 1 unison, 2 rsync, 3 svn, and 4 svnserve, as originally demonstrated by creating a Subversion SVN repository with malicious hooks, then using svn ...

8.5CVSS6.9AI score0.04362EPSS
Exploits0References15Affected Software1
securityvulns
securityvulns
added 2007/03/28 12:0 a.m.52 views

Update: ViewCVS and ViewVC 'checkout view' content type fixation issue

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi! Moritz Naumann wrote: This does not impact how much the rest of my report applies. My findings are now being discussed on the ViewVC developers mailing list 1. They apparently also impact ViewVC. Whether and to which degree what I am reporting c...

0.1AI score
Exploits0
Rows per page
Query Builder