Lucene search
K

10 matches found

NVD
NVD
added 2008/11/04 12:58 a.m.17 views

CVE-2008-4903

Cross-site scripting XSS vulnerability in the leave comment feedback feature in Typo 5.1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the 1 commentauthor Name and 2 commenturl Website parameters...

4.3CVSS5.7AI score0.01089EPSS
Exploits0References5
NVD
NVD
added 2008/11/04 12:58 a.m.17 views

CVE-2008-4905

Typo 5.1.3 and earlier uses a hard-coded salt for calculating password hashes, which makes it easier for attackers to guess passwords via a brute force attack...

7.5CVSS7.6AI score0.01478EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2008/11/04 12:58 a.m.26 views

CVE-2008-4905

Typo 5.1.3 and earlier uses a hard-coded salt for calculating password hashes, which makes it easier for attackers to guess passwords via a brute force attack...

7.5CVSS7.1AI score0.01478EPSS
Exploits0References1
Prion
Prion
added 2008/11/04 12:58 a.m.14 views

Hardcoded credentials

Typo 5.1.3 and earlier uses a hard-coded salt for calculating password hashes, which makes it easier for attackers to guess passwords via a brute force attack...

5CVSS7.2AI score0.01478EPSS
Exploits0References3Affected Software1
UbuntuCve
UbuntuCve
added 2008/11/04 12:58 a.m.26 views

CVE-2008-4903

Cross-site scripting XSS vulnerability in the leave comment feedback feature in Typo 5.1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the 1 commentauthor Name and 2 commenturl Website parameters...

4.3CVSS5.9AI score0.01089EPSS
Exploits0References1
Prion
Prion
added 2008/11/04 12:58 a.m.13 views

Sql injection

SQL injection vulnerability in the "Manage pages" feature admin/pages in Typo 5.1.3 and earlier allows remote authenticated users with "blog publisher" rights to execute arbitrary SQL commands via the searchpublishedat parameter...

6CVSS8.5AI score0.00895EPSS
Exploits0References5Affected Software1
UbuntuCve
UbuntuCve
added 2008/11/04 12:58 a.m.27 views

CVE-2008-4904

SQL injection vulnerability in the "Manage pages" feature admin/pages in Typo 5.1.3 and earlier allows remote authenticated users with "blog publisher" rights to execute arbitrary SQL commands via the searchpublishedat parameter...

6CVSS6.2AI score0.00895EPSS
Exploits0References1
CVE
CVE
added 2008/11/04 12:0 a.m.48 views

CVE-2008-4905

CVE-2008-4905 affects Typo (versions 5.1.3 and earlier) and is caused by a hard-coded salt used to hash passwords. This weakens brute-force resistance, making password guessing easier for attackers. Connected sources (NVD, UBUNTU, CVE listings) confirm the condition, but none provide a concrete f...

7.5CVSS7.6AI score0.01478EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2008/11/04 12:0 a.m.23 views

CVE-2008-4905

Typo 5.1.3 and earlier uses a hard-coded salt for calculating password hashes, which makes it easier for attackers to guess passwords via a brute force attack...

7.5AI score0.01478EPSS
Exploits0References3
Cvelist
Cvelist
added 2008/11/04 12:0 a.m.23 views

CVE-2008-4903

Cross-site scripting XSS vulnerability in the leave comment feedback feature in Typo 5.1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the 1 commentauthor Name and 2 commenturl Website parameters...

5.7AI score0.01089EPSS
Exploits0References5
Rows per page
Query Builder