Lucene search
K

88 matches found

CNVD
CNVD
added 2020/07/28 12:0 a.m.2 views

Unspecified vulnerability in Joomla! (CNVD-2020-44909)

Joomla! is the U.S. Open Source Matters team of a set of PHP and MySQL development using open source , cross-platform content management system CMS. A security vulnerability exists in Joomla! 3.9.19 and earlier versions, which can be exploited by an attacker to modify internal read-only fields in...

4.3CVSS6.8AI score0.00998EPSS
Exploits0References1
CNVD
CNVD
added 2020/07/24 12:0 a.m.4 views

Advantech iView Access Control Error Vulnerability

Advantech iView is a device management application from Advantech. An Access Control Error vulnerability exists in Advantech iView 5.6 and prior versions. A remote attacker can exploit the vulnerability to obtain information from the user table, including administrator credentials in plain text...

9.8CVSS6.7AI score0.017EPSS
Exploits0References1
NVD
NVD
added 2020/07/15 4:15 p.m.20 views

CVE-2020-15697

An issue was discovered in Joomla! through 3.9.19. Internal read-only fields in the User table class could be modified by users...

4.3CVSS0.00998EPSS
Exploits0References1
OSV
OSV
added 2020/07/15 4:15 p.m.15 views

CVE-2020-15697

An issue was discovered in Joomla! through 3.9.19. Internal read-only fields in the User table class could be modified by users...

4.3CVSS6.7AI score
Exploits0References1
Prion
Prion
added 2020/07/15 4:15 p.m.10 views

Code injection

An issue was discovered in Joomla! through 3.9.19. Internal read-only fields in the User table class could be modified by users...

4CVSS4.7AI score0.00998EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/07/15 3:50 p.m.21 views

CVE-2020-15697

An issue was discovered in Joomla! through 3.9.19. Internal read-only fields in the User table class could be modified by users...

5.3AI score0.00998EPSS
Exploits0References1
CVE
CVE
added 2020/07/15 3:50 p.m.125 views

CVE-2020-15697

CVE-2020-15697 affects Joomla! up to version 3.9.19. The issue is that internal read-only fields in the User table class could be modified by users, enabling unauthorized modification of user data and impacting data integrity. The reliable sources in the connected documents corroborate this speci...

4.3CVSS4.7AI score0.00998EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/07/15 2:19 a.m.31 views

CVE-2020-14501

Advantech iView, versions 5.6 and prior, has an improper authentication for critical function CWE-306 issue. Successful exploitation of this vulnerability may allow an attacker to obtain the information of the user table, including the administrator credentials in plain text. An attacker may also...

9.5AI score0.017EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/06/26 12:0 a.m.45 views

Joomla! 1.7.x < 3.9.16 Multiple Vulnerabilities

According to its self-reported version, the instance of Joomla! running on the remote web server is 1.7.x prior to 3.9.16. It is, therefore, affected by multiple vulnerabilities : - Missing token checks in the image actions of comtemplates causes CSRF vulnerabilities. CVE-2020-10241 - Inadequate...

9.8CVSS8AI score0.05578EPSS
Exploits2References13
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2020/06/02 12:0 a.m.39 views

[20200704] - Core - Variable tampering via user table class

Internal read-only fields in the User table class could be modified by users...

4.3CVSS5.5AI score0.00998EPSS
Exploits0Affected Software1
Metasploit
Metasploit
added 2020/05/23 8:20 a.m.92 views

vBulletin /ajax/api/content_infraction/getIndexableContent nodeid Parameter SQL Injection

This module exploits a SQL injection vulnerability found in vBulletin 5.x.x to dump the user table information or to dump all of the vBulletin tables based on the selected options. This module has been tested successfully on VBulletin Version 5.6.1 on Ubuntu Linux. This module requires Metasploit...

9.8CVSS8AI score0.88948EPSS
Exploits13
OSV
OSV
added 2020/03/16 4:15 p.m.14 views

CVE-2020-10240

An issue was discovered in Joomla! before 3.9.16. Missing length checks in the user table can lead to the creation of users with duplicate usernames and/or email addresses...

5.3CVSS6.7AI score
Exploits0References1
Prion
Prion
added 2020/03/16 4:15 p.m.16 views

Design/Logic Flaw

An issue was discovered in Joomla! before 3.9.16. Missing length checks in the user table can lead to the creation of users with duplicate usernames and/or email addresses...

5CVSS5.2AI score0.01205EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/03/16 3:46 p.m.119 views

CVE-2020-10240

CVE-2020-10240 affects Joomla! up to version 3.9.15, where missing length checks in the users table can allow creation of users with duplicate usernames or email addresses. The issue is documented across multiple sources (NVD, OSV, and OSSV listings) as a data-validation flaw in the user table, w...

5.3CVSS5.3AI score0.01205EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/03/16 3:46 p.m.23 views

CVE-2020-10240

An issue was discovered in Joomla! before 3.9.16. Missing length checks in the user table can lead to the creation of users with duplicate usernames and/or email addresses...

6.3AI score0.01205EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/03/16 12:0 a.m.5 views

PT-2020-11996 · Open Source Matters · Joomla!

Name of the Vulnerable Software and Affected Versions: Joomla! versions prior to 3.9.16 Description: An issue was discovered in Joomla! where missing length checks in the user table can lead to the creation of users with duplicate usernames and/or email addresses. Recommendations: For versions...

5.3CVSS7.2AI score0.01205EPSS
Exploits0References6
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2020/02/07 12:0 a.m.48 views

[20200304] - Core - Identifier collisions in com_users

Missing length checks in the user table can lead to the creation of users with duplicate usernames and/or email addresses...

5.3CVSS3AI score0.01205EPSS
Exploits0Affected Software1
0day.today
0day.today
added 2016/11/11 12:0 a.m.144 views

vBulletin 4.2.3 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title : vBulletin = 4.2.3 SQL Injection CVE-2016-6195 Author : Manish Kishan Tanwar AKA error1046 https://twitter.com/IndiShell1046 Date : 25/08/2015 Love to : zero cool,Team indishell,Mannu,Viki,Hardeep Singh,Jagriti,Kishan Singh and...

7.5CVSS9.2AI score0.68493EPSS
Exploits7
myhack58
myhack58
added 2016/02/12 12:0 a.m.34 views

New php vulnerability discovery of the debug result of the security vulnerability, Edusoho-a vulnerability warning-the black bar safety net

Modern cms framework laraval/symfony/slim, leading to today's php vulnerability appears point, principle, using method, has undergone some changes, this series can hope to summarize their excavation of such a cms vulnerability. Today this vulnerability is Edusoho a user table dump vulnerability...

7.2AI score
Exploits0
CNVD
CNVD
added 2015/05/06 12:0 a.m.3 views

D-Link DIR-601 Authentication Bypass Vulnerability

D-Link DIR-601 is a wireless router product. A security vulnerability in mycgi.cgi in the D-Link DIR-601 2.02NA and earlier versions allows malicious users to bypass certain security restrictions and gain access to the Adminuser, Wirelesssettings, Wirelesssecurity, Wirelesssecurity settings table...

6.9AI score
Exploits0References1
Rows per page
Query Builder