Lucene search
K

72 matches found

Openbugbounty
Openbugbounty
added 2018/07/22 9:38 a.m.7 views

scooter.lnk.to XSS vulnerability

Open Bug Bounty ID: OBB-652228 Description| Value ---|--- Affected Website:| scooter.lnk.to Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
NVD
NVD
added 2018/07/16 5:29 p.m.35 views

CVE-2018-0384

A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a URL-based access control policy that is configured to block traffic for an affected system. The vulnerability exists because the affected software incorrectly...

5.8CVSS6.3AI score0.02502EPSS
Exploits0References3
Prion
Prion
added 2018/07/16 5:29 p.m.23 views

Design/Logic Flaw

A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a URL-based access control policy that is configured to block traffic for an affected system. The vulnerability exists because the affected software incorrectly...

5CVSS5.7AI score0.02502EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2018/07/16 5:0 p.m.27 views

CVE-2018-0384

A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a URL-based access control policy that is configured to block traffic for an affected system. The vulnerability exists because the affected software incorrectly...

6.3AI score0.02502EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2018/07/16 5:0 p.m.11 views

CVE-2018-0384

A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a URL-based access control policy that is configured to block traffic for an affected system. The vulnerability exists because the affected software incorrectly...

7AI score0.02502EPSS
Exploits0References3
CVE
CVE
added 2018/07/16 5:0 p.m.63 views

CVE-2018-0384

The CVE-2018-0384 entry describes a vulnerability in the Cisco FireSIGHT System Software detection engine where TCP packets arriving out of order during a TCP SYN retransmission are mishandled, allowing an unauthenticated, remote attacker to bypass a URL-based access control policy. The impact is...

5.8CVSS5.7AI score0.02502EPSS
Exploits0References3Affected Software1
Cisco
Cisco
added 2018/07/11 4:0 p.m.43 views

Cisco FireSIGHT System Software URL-Based Access Control Policy Bypass Vulnerability

A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a URL-based access control policy that is configured to block traffic for an affected system. The vulnerability exists because the affected software incorrectly...

5.8CVSS1.6AI score0.02502EPSS
Exploits0References1
Openbugbounty
Openbugbounty
added 2018/07/11 12:25 p.m.10 views

festicket.com XSS vulnerability

Open Bug Bounty ID: OBB-644804 Description| Value ---|--- Affected Website:| festicket.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
Openbugbounty
Openbugbounty
added 2018/06/18 2:33 p.m.14 views

relook.ru XSS vulnerability

Open Bug Bounty ID: OBB-633597 Description| Value ---|--- Affected Website:| relook.ru Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
Veracode
Veracode
added 2018/06/08 3:50 a.m.14 views

Directory Traversal

fbr-client is vulnerable to directory traversal attacks. The attacks are possible by requesting a URL such as /..%2f..%2fetc/passwd to get sensitive information...

7.5CVSS7.3AI score0.02005EPSS
Exploits1References2Affected Software1
Openbugbounty
Openbugbounty
added 2018/04/08 11:23 p.m.8 views

myaposhop.de XSS vulnerability

Open Bug Bounty ID: OBB-599270 Description| Value ---|--- Affected Website:| myaposhop.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
Openbugbounty
Openbugbounty
added 2018/02/20 8:31 p.m.17 views

bdlaws.minlaw.gov.bd XSS vulnerability

Open Bug Bounty ID: OBB-564427 Description| Value ---|--- Affected Website:| bdlaws.minlaw.gov.bd Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.4AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/02/20 2:44 p.m.11 views

2gis.ru XSS vulnerability

Open Bug Bounty ID: OBB-564143 Description| Value ---|--- Affected Website:| 2gis.ru Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
NVD
NVD
added 2018/01/26 2:29 a.m.15 views

CVE-2017-1000404

The Jenkins Delivery Pipeline Plugin version 1.0.7 and earlier used the unescaped content of the query parameter 'fullscreen' in its JavaScript, resulting in a cross-site scripting vulnerability through specially crafted URLs...

6.1CVSS6AI score0.00966EPSS
Exploits0References2
OSV
OSV
added 2017/10/24 6:33 p.m.31 views

GHSA-JWHV-RGQC-FQJ5 Session fixation vulnerability in Rails

Session fixation vulnerability in Rails before 1.2.4, as used for Ruby on Rails, allows remote attackers to hijack web sessions via unspecified vectors related to "URL-based sessions."...

6.8CVSS9.1AI score0.03576EPSS
Exploits0References17
RubySec
RubySec
added 2017/10/24 12:0 a.m.20 views

Moderate severity vulnerability that affects rails

Session fixation vulnerability in Rails before 1.2.4, as used for Ruby on Rails, allows remote attackers to hijack web sessions via unspecified vectors related to "URL-based sessions."...

6.8CVSS7AI score0.03576EPSS
Exploits0References1Affected Software1
Openbugbounty
Openbugbounty
added 2016/03/14 4:53 p.m.16 views

de.kompass.com XSS vulnerability

Vulnerable URL: http://de.kompass.com/searchCompanies?searchType=SUPPLIER='"--alert/XSSPOSED/...

6.9AI score
Exploits0
Openbugbounty
Openbugbounty
added 2015/10/21 6:39 p.m.13 views

bahlsen.de XSS vulnerability

Vulnerable URL: http://www.bahlsen.de/de/suche?q=%22%3E%3Csvg%20onload%3Dalert%28%22XSSPOSED%22%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 487242 Google Pagerank| 4 VIP...

6.3AI score
Exploits0
NVD
NVD
added 2014/12/02 4:59 p.m.16 views

CVE-2014-9180

Open redirect vulnerability in go.php in Eleanor CMS allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the QUERYSTRING...

5CVSS6.6AI score0.04417EPSS
Exploits1References1
Exploit DB
Exploit DB
added 2014/03/09 12:0 a.m.38 views

ET - Chat Password Reset Security Bypass

source: https://www.securityfocus.com/bid/66149/info ET - Chat is prone to a security bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. ET - Chat 3.0.7 is vulnerable; other...

7.4AI score
Exploits0
Rows per page
Query Builder