Lucene search
K

4 matches found

Github Security Blog
Github Security Blog
added 2023/11/20 9:1 p.m.33 views

Run Shell Command allows Cross-Site Request Forgery

Impact A cross site request forgery vulnerability in the admin tool for executing shell commands on the server allows an attacker to execute arbitrary shell commands by tricking an admin into loading the URL with the shell command. A very simple possibility for an attack are comments. When the...

9.6CVSS7.7AI score0.22938EPSS
Exploits2References5Affected Software1
Prion
Prion
added 2022/03/23 8:15 p.m.15 views

Code injection

Money Transfer Management System Version 1.0 allows an attacker to inject JavaScript code in the URL and then trick a user into visit the link in order to execute JavaScript code...

4.3CVSS6.3AI score0.00691EPSS
Exploits1References1Affected Software1
The Hacker News
The Hacker News
added 2016/01/25 10:11 p.m.11 views

Warning — People are Sharing a Link that will Crash and Reboot your iPhone

A new prank circulating on Twitter, Facebook and other social media platform could crash your iPhone or iPad completely. If you come across a link to crashsafari.com, you are advised not to open it on your iPhone, iPad or even Macs. Doing so will cause Safari application to crash, potentially...

6.7AI score
Exploits0
NVD
NVD
added 2009/01/22 6:30 p.m.23 views

CVE-2009-0253

Mozilla Firefox 3.0.5 allows remote attackers to trick a user into visiting an arbitrary URL via an onclick action that moves a crafted element to the current mouse position, related to a "Status Bar Obfuscation" and "Clickjacking" attack...

6.8CVSS6.6AI score0.02527EPSS
Exploits0References3
Rows per page
Query Builder