Lucene search
K

70 matches found

OSV
OSV
added 2017/11/16 5:29 p.m.7 views

CVE-2017-16853

The DynamicMetadataProvider class in saml/saml2/metadata/impl/DynamicMetadataProvider.cpp in OpenSAML-C in OpenSAML before 2.6.1 fails to properly configure itself with the MetadataFilter plugins and does not perform critical security checks such as signature verification, enforcement of validity...

8.1CVSS5.6AI score0.01398EPSS
Exploits0References6
0day.today
0day.today
added 2017/08/29 12:0 a.m.32 views

NethServer 7.3.1611 - Cross-Site Request Forgery (Create User / Enable SSH Access) Vulnerability

Exploit for jsp platform in category web applications HTML Decoded PoC: history.pushState'', '', '/' input type="hidden"...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2017/08/28 12:0 a.m.42 views

NethServer 7.3.1611 CSRF Create User / Enable SSH Access

HTML Decoded PoC: history.pushState'', '', '/' input type="hidden" name="...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2017/08/28 12:0 a.m.23 views

NethServer 7.3.1611 - Cross-Site Request Forgery (Create User Enable SSH Access)

NethServer 7.3.1611 - Cross-Site Request Forgery Create User Enable SSH Access HTML Decoded PoC: history.pushState'', '', '/' input type="hidden" name="AccountUsercreategrou...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2016/03/31 12:0 a.m.79 views

MOBOTIX Video Security Cameras - Cross-Site Request Forgery (Add Admin)

Add admin user Testingus: ---...

7.4AI score
Exploits0
Xen Project
Xen Project
added 2016/01/20 12:0 p.m.90 views

PV superpage functionality missing sanity checks

ISSUE DESCRIPTION The PV superpage functionality lacks certain validity checks on data being passed to the hypervisor by guests. This is the case for the page identifier MFN passed to MMUEXTMARKSUPER and MMUEXTUNMARKSUPER sub-ops of the HYPERVISORmmuextop hypercall as well as for various forms of...

8.5CVSS1.3AI score0.01153EPSS
Exploits0Affected Software1
FreeBSD
FreeBSD
added 2016/01/20 12:0 a.m.23 views

xen-kernel -- PV superpage functionality missing sanity checks

The Xen Project reports: The PV superpage functionality lacks certain validity checks on data being passed to the hypervisor by guests. This is the case for the page identifier MFN passed to MMUEXTMARKSUPER and MMUEXTUNMARKSUPER sub-ops of the HYPERVISORmmuextop hypercall as well as for various...

8.5CVSS1.2AI score0.01153EPSS
Exploits0References1
0day.today
0day.today
added 2015/11/12 12:0 a.m.49 views

R-Scripts VRS 7R Cross Site Request Forgery / Cross Site Scripting Vulnerabilities

PHP Vacation Rental Script version 7R suffers from cross site request forgery and cross site scripting vulnerabilities. R-Scripts VRS 7R Multiple Stored XSS And CSRF Vulnerabilities Vendor: R-Scripts Product web page: http://www.r-scripts.com Affected version: 7R Summary: PHP Vacation Rental Scri...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2015/10/23 12:0 a.m.39 views

Realtyna RPL 8.9.2 CSRF / Cross Site Scripting

Realtyna RPL 8.9.2 Joomla Extension Persistent XSS And CSRF Vulnerabilities Vendor: Realtyna LLC Product web page: https://www.realtyna.com Affected version: 8.9.2 Summary: Realtyna CRM Client Relationship Management Add-on for RPL is a Real Estate CRM specially designed and developed based on...

0.03061EPSS
Exploits6
Cvelist
Cvelist
added 2015/07/23 12:0 a.m.30 views

CVE-2015-1277

Use-after-free vulnerability in the accessibility implementation in Google Chrome before 44.0.2403.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging lack of certain validity checks for accessibility-tree data structures...

9.6AI score0.01617EPSS
Exploits2References10
Debian CVE
Debian CVE
added 2015/07/23 12:0 a.m.56 views

CVE-2015-1277

Removed by vendor...

7.5CVSS9.4AI score0.01617EPSS
Exploits2
OSV
OSV
added 2015/07/22 12:0 a.m.5 views

UBUNTU-CVE-2015-1277

Use-after-free vulnerability in the accessibility implementation in Google Chrome before 44.0.2403.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging lack of certain validity checks for accessibility-tree data structures...

7.5CVSS7.4AI score0.01617EPSS
Exploits2References4
UbuntuCve
UbuntuCve
added 2015/07/22 12:0 a.m.38 views

CVE-2015-1277

Use-after-free vulnerability in the accessibility implementation in Google Chrome before 44.0.2403.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging lack of certain validity checks for accessibility-tree data structures...

7.5CVSS7.3AI score0.01617EPSS
Exploits2References3
0day.today
0day.today
added 2014/08/01 12:0 a.m.17 views

Oxwall 1.7.0 - Multiple CSRF And HTML Injection Vulnerabilities

Oxwall version 1.7.0 suffers from multiple cross-site request forgery and stored xss vulnerabilities. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with...

7.5AI score
Exploits0
0day.today
0day.today
added 2014/07/17 12:0 a.m.35 views

Omeka 2.2 - CSRF And Stored XSS Vulnerability

Omeka version 2.2 suffers from cross site request forgery and cross site scripting vulnerabilities. !-- Omeka 2.2 CSRF And Stored XSS Vulnerability Vendor: Omeka Team CHNM GMU Product web page: http://www.omeka.org Affected version: 2.2 Summary: Omeka is a free, flexible, and open source...

6.9AI score
Exploits0
Packet Storm
Packet Storm
added 2014/07/17 12:0 a.m.33 views

Omeka 2.2 Cross Site Request Forgery / Cross Site Scripting

Omeka...

0.5AI score
Exploits0
0day.today
0day.today
added 2013/11/04 12:0 a.m.21 views

Practico 13.9 - Multiple Vulnerabilities

Exploit for multiple platform in category web applications Practico 13.9 Multiple Vulnerabilities Vendor: Practico Product web page: http://www.codigoabierto.org Affected version: 13.9 Summary: Practico is a free CMS software project released under license GNU GPL v2.0 for creating web applicatio...

7.1AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2013/11/03 12:0 a.m.31 views

Practico 13.9 Multiple Vulnerabilities

Summary Practico is a free CMS software project released under license GNU GPL v2.0 for creating web applications in a completely visual and fast fashion. Without programming knowledge. Description Practico suffers from multiple vulnerabilities including Cross-Site Scripting XSS, SQL Injection SQ...

6.1AI score
Exploits0
0day.today
0day.today
added 2013/07/29 12:0 a.m.39 views

FluxBB 1.5.3 - Multiple Vulnerabilities

Exploit for php platform in category web applications !-- FluxBB 1.5.3 Multiple Remote Vulnerabilities Vendor: FluxBB Product web page: http://www.fluxbb.org Affected version: 1.5.3 Summary: FluxBB is fast, light, user-friendly forum software for your website. Desc: FluxBB suffers from a cross-si...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2013/07/27 12:0 a.m.31 views

Windu CMS 2.2 - Multiple Vulnerabilities

Windu CMS 2.2 CSRF Add Admin Exploit input type="hidden" name="type" value="...

7AI score
Exploits0
Rows per page
Query Builder