Lucene search
K

19 matches found

Nuclei
Nuclei
added 19 hours ago77 views

Extreme Management Center 8.4.1.24 - Cross-Site Scripting

Extreme Management Center 8.4.1.24 contains a cross-site scripting vulnerability via a parameter in a GET request. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication...

6.1CVSS6.4AI score0.03465EPSS
Exploits0References5
HackRead
HackRead
added 2026/06/08 6:56 p.m.18 views

Operation FlutterBridge Uses Fake Google Ads to Spread macOS Backdoor

Operation FlutterBridge uses fake Google ads and shell companies to deploy FlutterShell, a new macOS backdoor targeting unsuspecting users...

5.5AI score
Exploits0
NVD
NVD
added 2023/03/27 8:15 p.m.16 views

CVE-2023-28650

An unauthenticated remote attacker could provide a malicious link and trick an unsuspecting user into clicking on it. If clicked, the attacker could execute the malicious JavaScript JS payload in the target’s security context...

6.1CVSS6.5AI score0.00516EPSS
Exploits0References1
HackRead
HackRead
added 2020/02/28 2:9 p.m.33 views

Israeli firm leaks database with addresses of millions of Americans

By Waqas Israeli marketing company Straffic has leaked personal sensitive data of millions of unsuspecting users mostly from the US and European countries. This is a post from HackRead.com Read the original post: Israeli firm leaks database with addresses of millions of Americans...

3.4AI score
Exploits0
HackRead
HackRead
added 2020/02/27 3:37 p.m.31 views

Clearview AI firm with photos of billions of unsuspecting users got HACKED

By Deeba Ahmed Clearview AI has billions of photos of innocent and unsuspecting users - Its entire list of clients was reportedly stolen by unknown hackers. This is a post from HackRead.com Read the original post: Clearview AI firm with photos of billions of unsuspecting users got HACKED...

2.7AI score
Exploits0
NVD
NVD
added 2019/08/15 7:15 p.m.25 views

CVE-2019-13511

Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier contain an INFORMATION EXPOSURE CWE-200. A maliciously crafted Arena file opened by an unsuspecting user may result in the limited exposure of information related to the targeted workstation...

4.3CVSS4.8AI score0.05777EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2017/10/04 1:0 a.m.39 views

CVE-2017-1000117

A malicious third-party can give a crafted "ssh://..." URL to an unsuspecting victim, and an attempt to visit the URL can result in any program that exists on the victim's machine being executed. Such a URL could be placed in the .gitmodules file of a malicious project, and an unsuspecting victim...

8.8CVSS8.2AI score0.77823EPSS
Exploits9
Cvelist
Cvelist
added 2017/10/04 1:0 a.m.36 views

CVE-2017-1000117

A malicious third-party can give a crafted "ssh://..." URL to an unsuspecting victim, and an attempt to visit the URL can result in any program that exists on the victim's machine being executed. Such a URL could be placed in the .gitmodules file of a malicious project, and an unsuspecting victim...

8AI score0.77823EPSS
Exploits9References12
Tenable Nessus
Tenable Nessus
added 2017/06/14 12:0 a.m.30 views

Serendipity < 2.1.1 Multiple Vulnerabilities

According to its banner, the version of Serendipity running on the remote host is prior to 2.1.1. It is, therefore, affected by multiple vulnerabilities : - A stored cross-site scripting XSS vulnerability exists in the templates/2k11/admin/category.inc.tpl script due to improper validation of the...

9.8CVSS7.3AI score0.02883EPSS
Exploits1References10
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

e107 0.7.5 Subject field HTML injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/18560/info The e107 CMS is prone to an HTML-injection vulnerability. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site whe...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

Hackish 1.1 Blocco.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26167/info Hackish is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this issue to execut...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.10 views

ASPBB 0.5.2 profile.asp get Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/18025/info ASPBB is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

phpMyAdmin <= 3.3.0 'db' Parameter Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/35531/info phpMyAdmin is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of a...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.11 views

CcCounter 2.0 Index.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/23135/info CcCounter is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

Maian Uploader 4.0 - index.php keywords Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/29051/info Maian Uploader is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in t...

7.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2014/05/13 12:0 a.m.1 views

Executable File With Non-Executable File Extension Arbitrary File Execution

Certain malicious executable files can be hidden using arbitrary filename extensions. A remote attacker could exploit this vulnerability to entice unsuspecting users to execute arbitrary files...

5AI score
Exploits0
exploitpack
exploitpack
added 2006/06/13 12:0 a.m.16 views

CEScripts (Multiple Scripts) - Cross-Site Scripting

CEScripts Multiple Scripts - Cross-Site Scripting source: https://www.securityfocus.com/bid/18402/info CEScripts scripts are prone to multiple cross-site scripting vulnerabilities because they fail to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2006/03/06 12:0 a.m.17 views

RunCMS 1.x - Bigshow.php Cross-Site Scripting

RunCMS 1.x - Bigshow.php Cross-Site Scripting source: https://www.securityfocus.com/bid/16970/info RunCMS is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before including it in dynamically generated HTML...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2005/12/15 12:0 a.m.12 views

AltantForum 4.0.2 - Multiple Cross-Site Scripting Vulnerabilities

AltantForum 4.0.2 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/15887/info AtlantForum is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker...

0.1AI score
Exploits0
Rows per page
Query Builder