
4 matches found

Github Security Blog
added 2021/08/13 3:22 p.m. | 66 views

Padding oracle attacks

It was found that all OWASP ESAPI for Java up to version 2.0 RC2 are vulnerable to padding oracle attacks...

CVSS 5.9 | AI score 4.5 | EPSS 0.0045
Exploits: 0 | References: 4 | Affected Software: 1
ATTACKERKB
added 2011/04/10 2:51 a.m. | 4 views

CVE-2011-1671

Cross-site scripting (XSS) vulnerability in app/controllers/todoscontroller.rb in Tracks 1.7.2, 2.0RC2, and 2.0devel allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to todos/tag/. NOTE: some of these details are obtained from third party information...

CVSS 4.3 | AI score 5.7 | EPSS 0.01973
Exploits: 1 | References: 10
seebug.org
added 2009/10/22 12:0 a.m. | 23 views

Joomla JD-WordPress Vulnerability File Inclusion Version 2.0 RC2

REGISTER GLOBALS ON wp-feed.php?mosConfigabsolutepath= Version 2.0 RC2 UPDATE IT ! !/usr/bin/perl + Author : Don Tukulesto [email protected] + Date : October 20, 2009 + Homepage : http://www.indonesiancoder.com + Vendor : www.joomladeveloping.org + version : 2.0 RC2 + Method : Remote File...

AI score 7.1
Exploits: 0
Exploit DB
added 2008/05/16 12:0 a.m. | 28 views

Digital Hive 2.0 - 'base_include.php' Local File Inclusion

source: https://www.securityfocus.com/bid/29255/info Digital Hive is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability using directory-traversal strings to view local files in the context of the...

AI score 7.4
Exploits: 0