Lucene search
K

73 matches found

Openbugbounty
Openbugbounty
added 2022/08/26 12:34 p.m.15 views

dornsife.usc.edu Cross Site Scripting vulnerability OBB-2865430

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Exploits0
Openbugbounty
Openbugbounty
added 2022/06/26 11:8 a.m.11 views

orsl.usc.edu Cross Site Scripting vulnerability OBB-2681581

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2022/06/26 11:6 a.m.8 views

oprs.usc.edu Cross Site Scripting vulnerability OBB-2681571

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2022/03/30 9:0 p.m.2 views

CVE-2021-45031

A vulnerability in MEPSAN's USC+ before version 3.0 has a weakness in login function which lets attackers to generate high privileged accounts passwords...

9.8CVSS7.1AI score0.0075EPSS
Exploits0References3
OSV
OSV
added 2022/03/30 8:15 p.m.4 views

CVE-2021-45031

A vulnerability in MEPSAN's USC+ before version 3.0 has a weakness in login function which lets attackers to generate high privileged accounts passwords...

7.7CVSS5.8AI score0.0075EPSS
Exploits0References1
NVD
NVD
added 2022/03/30 8:15 p.m.19 views

CVE-2021-45031

A vulnerability in MEPSAN's USC+ before version 3.0 has a weakness in login function which lets attackers to generate high privileged accounts passwords...

9.8CVSS0.0075EPSS
Exploits0References2
Prion
Prion
added 2022/03/30 8:15 p.m.13 views

Design/Logic Flaw

A vulnerability in MEPSAN's USC+ before version 3.0 has a weakness in login function which lets attackers to generate high privileged accounts passwords...

7.5CVSS7.2AI score0.0075EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/03/30 7:55 p.m.26 views

CVE-2021-45031 Weak Authentication in Login Function of USC+

A vulnerability in MEPSAN's USC+ before version 3.0 has a weakness in login function which lets attackers to generate high privileged accounts passwords...

7.7CVSS7.5AI score0.0075EPSS
Exploits0References2
CVE
CVE
added 2022/03/30 7:55 p.m.88 views

CVE-2021-45031

CVE-2021-45031 affects MEPSAN’s USC+ prior to version 3.0. The vulnerability is a weakness in the login function that lets attackers generate passwords for high-privilege accounts, enabling potential unauthorized access and elevation of privileges. Reports consistently identify versions before 3....

9.8CVSS7.3AI score0.0075EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2022/03/30 12:0 a.m.2 views

MEPSAN USC Plus 安全漏洞

MEPSAN USC Plus is an automation system from MEPSAN Turkey. A security vulnerability exists in the USC+ functionality prior to MEPSAN USC Plus version 3.0. An attacker could generate passwords for highly privileged accounts...

9.8CVSS7.4AI score0.0075EPSS
Exploits0References2
Openbugbounty
Openbugbounty
added 2022/01/07 5:53 p.m.15 views

vitsupport.vsoe.usc.edu Cross Site Scripting vulnerability OBB-2327849

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
OSV
OSV
added 2020/11/07 7:15 p.m.5 views

CVE-2020-28339

The usc-e-shop aka Collne Welcart e-Commerce plugin before 1.9.36 for WordPress allows Object Injection because of uscesunserialize. There is not a complete POP chain...

8.8CVSS7.3AI score0.01879EPSS
Exploits1References2
Prion
Prion
added 2020/11/07 7:15 p.m.16 views

Design/Logic Flaw

The usc-e-shop aka Collne Welcart e-Commerce plugin before 1.9.36 for WordPress allows Object Injection because of uscesunserialize. There is not a complete POP chain...

6.5CVSS8.9AI score0.01879EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2020/11/07 6:16 p.m.67 views

CVE-2020-28339

CVE-2020-28339 affects the WordPress plugin Welcart e-Commerce (usc-e-shop) up to version 1.9.36. The issue is an authenticated PHP Object Injection via usces_unserialize, with the CVE description noting there is not a complete POP chain. Affected: plugin in WordPress; root cause: object injectio...

8.8CVSS8.9AI score0.01879EPSS
Exploits1References2Affected Software1
Openbugbounty
Openbugbounty
added 2020/10/01 1:21 p.m.6 views

microsat.usc.edu Cross Site Scripting vulnerability OBB-1376091

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

0.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2020/06/24 10:8 a.m.24 views

usc-scv.ch Cross Site Scripting vulnerability OBB-1205591

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
NVD
NVD
added 2020/03/30 10:15 p.m.43 views

CVE-2020-11104

An issue was discovered in USC iLab cereal through 1.3.0. Serialization of an initialized C/C++ long double variable into a BinaryArchive or PortableBinaryArchive leaks several bytes of stack or heap memory, from which sensitive information such as memory layout or private keys can be gleaned if...

5.3CVSS5.2AI score0.01534EPSS
Exploits1References1
NVD
NVD
added 2020/03/30 10:15 p.m.34 views

CVE-2020-11105

An issue was discovered in USC iLab cereal through 1.3.0. It employs caching of std::sharedptr values, using the raw pointer address as a unique identifier. This becomes problematic if an std::sharedptr variable goes out of scope and is freed, and a new std::sharedptr is allocated at the same...

9.8CVSS9.4AI score0.01977EPSS
Exploits1References1
OSV
OSV
added 2020/03/30 10:15 p.m.13 views

CVE-2020-11105

An issue was discovered in USC iLab cereal through 1.3.0. It employs caching of std::sharedptr values, using the raw pointer address as a unique identifier. This becomes problematic if an std::sharedptr variable goes out of scope and is freed, and a new std::sharedptr is allocated at the same...

9.8CVSS6.8AI score
Exploits0References1
OSV
OSV
added 2020/03/30 10:15 p.m.14 views

CVE-2020-11104

An issue was discovered in USC iLab cereal through 1.3.0. Serialization of an initialized C/C++ long double variable into a BinaryArchive or PortableBinaryArchive leaks several bytes of stack or heap memory, from which sensitive information such as memory layout or private keys can be gleaned if...

5.3CVSS6.5AI score
Exploits0References1
Rows per page
Query Builder