Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 10:24 a.m.7 views

CVE-2019-10907

Airsonic 10.2.1 uses Spring's default remember-me mechanism based on MD5, with a fixed key of airsonic in GlobalSecurityConfig.java. An attacker able to capture cookies might be able to trivially bruteforce offline the passwords of associated users...

9.8CVSS6.8AI score0.00924EPSS
Exploits0References1
myhack58
myhack58
added 2009/08/10 12:0 a.m.12 views

Abroad a Blog program 0day-vulnerability warning-the black bar safety net

Author: YJPS reprint please indicate the Recently bored to go abroad on the site wandering around and see a nice Blog system, you can register the user and assign a secondary directory. The more boring it is to detect the next, the following is the analysis of the results. Site: Vulnerability...

7AI score
Exploits0
securityvulns
securityvulns
added 2002/03/25 12:0 a.m.167 views

memberlist.php of vBulletin

vBulletin ALL versions Vendor status: notified 3/18/2; no response Within the first few lines of code in memberlist.php, the variable $letterbits is evaled. Because of the way PHP initializes variables, we can inject HTML, or JavaScript into the document. So by directing a user to, for example:...

7.3AI score
Exploits0
Packet Storm
Packet Storm
added 2001/03/02 12:0 a.m.19 views

SA2K01.txt

-----/ SA2K01 /-------------------------------/ SecurityApex.com /---- A quick fix against RFP2101 ------------------------------------/ Max / [email protected] Table of contents: -/ 1 / Information on the exploit -/ 2 / Fix for the exploit -/ 3 / Credits...

7.4AI score
Exploits0
Rows per page
Query Builder