Lucene search
+L

88 matches found

NVD
NVD
added 2017/04/05 8:59 p.m.26 views

CVE-2017-0888

Nextcloud Server before 9.0.55 and 10.0.2 suffers from a Content-Spoofing vulnerability in the "files" app. The top navigation bar displayed in the files list contained partially user-controllable input leading to a potential misrepresentation of information...

4.3CVSS4.5AI score0.01537EPSS
Exploits0References3
Prion
Prion
added 2017/02/13 9:59 p.m.19 views

Cross site scripting

An issue was discovered in Adcon Telemetry A850 Telemetry Gateway Base Station. The Web Interface does not neutralize or incorrectly neutralizes user-controllable input before it is placed in the output; this could allow for cross-site scripting...

4.3CVSS6.8AI score0.00825EPSS
Exploits0References2
Nextcloud
Nextcloud
added 2017/02/05 12:0 a.m.34 views

Content-Spoofing in "files" app (NC-SA-2017-006)

The top navigation bar displayed in the files list contained partially user-controllable input leading to a potential misrepresentation of information...

4.3CVSS2.3AI score0.01537EPSS
Exploits0Affected Software1
OwnCloud
OwnCloud
added 2016/11/10 7:12 p.m.496 views

Content-Spoofing in "dav" app - ownCloud

The exception message displayed on the DAV endpoints contained partially user-controllable input leading to a potential misrepresentation of information. Affected Software ownCloud Server 9.1.2 CVE-2016-???? core/96b8afe48570bc70088ccd8f897e9d71997d336e ownCloud Server 9.0.6 CVE-2016-????...

6.6AI score
Exploits0Affected Software1
OwnCloud
OwnCloud
added 2016/11/10 11:59 a.m.495 views

Server: Content-Spoofing in "dav" app

The exception message displayed on the DAV endpoints contained partially user-controllable input leading to a potential misrepresentation of information. For more information please consult the official advisory. This advisory is licensed CC BY-SA 4.0...

6.6AI score
Exploits0Affected Software1
Zero Science Lab
Zero Science Lab
added 2016/08/31 12:0 a.m.88 views

ZKTeco ZKBioSecurity 3.0 File Path Manipulation Vulnerability

Summary ZKBioSecurity3.0 is the ultimate "All in One" web based security platform developed by ZKTeco. It contains four integrated modules: access control, video linkage, elevator control and visitor management. With an optimized system architecture designed for high level biometric identificatio...

6.9CVSS5.8AI score0.00206EPSS
Exploits1
seebug.org
seebug.org
added 2016/05/14 12:0 a.m.88 views

ILas图书馆自动化集成系统 NTReaderCritic.aspx等2处 时间盲注漏洞

0x01漏洞简介 ILas图书馆自动化集成系统在NTReaderCritic.aspx和NTUniBookRetrInfo.aspx两个页面存在时间延迟注入漏洞。 0x02漏洞详情 NTReaderCritic.aspx sqlmap -u ".../NTReaderCritic.aspx?strRenco=1&strTitle=1" 相关代码如下: protected void PageLoadobject sender, EventArgs e if !base.IsPostBack if base.Request.QueryString"strRenco" != null &&...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/02/02 12:0 a.m.30 views

FreeBSD : rabbitmq -- Security issues in management plugin (8469d41c-a960-11e4-b18e-bcaec55be5e5)

The RabbitMQ project reports : Some user-controllable content was not properly HTML-escaped before being presented to a user in the management web UI : - When a user unqueued a message from the management UI, message details header names, arguments, etc. were displayed unescaped. An attacker coul...

3.5CVSS6.1AI score0.01152EPSS
Exploits0References4
Rows per page
Query Builder