Lucene search
K

174 matches found

CNVD
CNVD
added 2019/08/23 12:0 a.m.3 views

Ampache Cross-Site Scripting Vulnerability

Ampache is a web-based audio/video application and file manager. A cross-site scripting vulnerability exists in Ampache. The vulnerability stems from a lack of proper validation of client-side data by the web application. An attacker can exploit the vulnerability to execute client-side code...

5.4CVSS6.4AI score0.00839EPSS
Exploits1References1
The Hacker News
The Hacker News
added 2019/08/20 8:40 a.m.117 views

Hackers Planted Backdoor in Webmin, Popular Utility for Linux/Unix Servers

Following the public disclosure of a critical zero-day vulnerability in Webmin last week, the project's maintainers today revealed that the flaw was not actually the result of a coding mistake made by the programmers. Instead, it was secretly planted by an unknown hacker who successfully managed ...

10CVSS0.6AI score0.99766EPSS
Exploits37
CNVD
CNVD
added 2019/07/09 12:0 a.m.3 views

JetBrains Hub Information Disclosure Vulnerability

JetBrains Hub is a web-based application from the Czech company JetBrains. The program is capable of integrating multiple JetBrains team tools together. An information disclosure vulnerability exists in versions prior to JetBrains Hub 2018.4.11298. The vulnerability stems from errors such as...

7.2CVSS6.1AI score0.01115EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2019/05/07 12:0 a.m.67 views

Fedora Update for php-horde-nag FEDORA-2018-8ab75bcc08

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Exploit DB
Exploit DB
added 2019/01/30 12:0 a.m.56 views

Rukovoditel Project Management CRM 2.4.1 - 'lists_id' SQL Injection

Exploit Title: Rukovoditel Project Management CRM 2.4.1 - 'listsid' SQL Injection Dork: N/A Date: 27-01-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://www.rukovoditel.net/ Software Link: https://sourceforge.net/projects/rukovoditel/ Version: 2.4.1 Category: Webapps Tested on: Wampp...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/01/30 12:0 a.m.22 views

Rukovoditel Project Management CRM 2.4.1 - lists_id SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Rukovoditel Project Management CRM 2.4.1 - 'listsid' SQL Injection Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://www.rukovoditel.net/ Software Link: https://sourceforge.net/projects/rukovoditel/ Version: 2.4.1 Categor...

0.4AI score
Exploits0
CNVD
CNVD
added 2019/01/16 12:0 a.m.2 views

Unspecified Vulnerability in Oracle Hospitality Reporting and Analytics (CNVD-2019-36662)

Oracle Hospitality Reporting and Analytics is a web-based application that centralizes point-of-sale POS data, provides operational and analytical insights into business operations, and improves efficiencies by delivering information to all roles within an organization. An unspecified vulnerabili...

6.5CVSS8.3AI score0.0117EPSS
Exploits0References1
CVE
CVE
added 2018/04/24 3:0 p.m.41 views

CVE-2017-9654

CVE-2017-9654 affects Philips DoseWise Portal web-based application versions 1.1.7.333 and 2.1.1.3069, where login credentials are stored in clear text within backend system files (CWE-312). The NVD entry notes a CVSS v3 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high imp...

8.8CVSS8.6AI score0.01058EPSS
Exploits0References3Affected Software1
Fedora
Fedora
added 2017/09/30 7:23 a.m.12 views

[SECURITY] Fedora 26 Update: php-horde-nag-4.2.17-1.fc26

Nag is a web-based application built upon the Horde Application Framework which provides a simple, clean interface for managing online task lists i.e., todo lists. It also includes strong integration with the other Horde applications and allows users to share task lists or enable light-weight...

3AI score
Exploits0
Fedora
Fedora
added 2017/08/10 9:27 p.m.10 views

[SECURITY] Fedora 25 Update: php-horde-nag-4.2.15-1.fc25

Nag is a web-based application built upon the Horde Application Framework which provides a simple, clean interface for managing online task lists i.e., todo lists. It also includes strong integration with the other Horde applications and allows users to share task lists or enable light-weight...

3AI score
Exploits0
CVE
CVE
added 2017/07/10 8:0 p.m.58 views

CVE-2017-6733

CVE-2017-6733 affects Cisco Identity Services Engine (ISE) web portal. The issue is a stored cross-site scripting (XSS) vulnerability in the web-based application interface that could be exploited by an unauthenticated, remote attacker to target users of the web interface. Affected releases liste...

6.1CVSS5.9AI score0.0128EPSS
Exploits0References3Affected Software1
Packet Storm
Packet Storm
added 2017/05/31 12:0 a.m.50 views

OV3 Online Administration 3.0 Authenticated Code Execution

!-- OV3 Online Administration 3.0 Authenticated Code Execution Vendor: novaCapta Software & Consulting GmbH Product web page: http://www.meacon.de Affected version: 3.0 Summary: With the decision to use the OV3 as a platform for your data management, the course is set for scalable, flexible and...

0.7AI score
Exploits0
Saint
Saint
added 2017/02/16 12:0 a.m.56 views

HP Smart Storage Administrator command injection

Added: 02/16/2017 CVE: CVE-2016-8523 BID: 95868 Background HP Smart Storage Administrator HP SSA is a web-based application that helps an administrator configure, manage, diagnose, and monitor HP ProLiant Smart Array Controllers and other storage devices such as host bus adapters HBAs and HP...

9CVSS9.1AI score0.1704EPSS
Exploits8
Saint
Saint
added 2017/02/16 12:0 a.m.81 views

HP Smart Storage Administrator command injection

Added: 02/16/2017 CVE: CVE-2016-8523 BID: 95868 Background HP Smart Storage Administrator HP SSA is a web-based application that helps an administrator configure, manage, diagnose, and monitor HP ProLiant Smart Array Controllers and other storage devices such as host bus adapters HBAs and HP...

9CVSS9.2AI score0.1704EPSS
Exploits8
seebug.org
seebug.org
added 2016/08/10 12:0 a.m.33 views

Navis WebAccess - SQL injection vulnerability

No description provided by source. @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Product - Navis WebAccess - SQL Injection Date - 8/8/2016 Author - bRpsd Skype: vegnox Vendor HomePage - http://www.navis.com/ Product Download - http://navis.com/prwebaccess.jsp currently under...

7.1AI score
Exploits0
0day.today
0day.today
added 2016/08/08 12:0 a.m.46 views

Navis Webaccess - SQL Injection

Exploit for php platform in category web applications @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Product - Navis WebAccess - SQL Injection Date - 8/8/2016 Author - bRpsd Skype: vegnox Vendor HomePage - http://www.navis.com/ Product Download - http://navis.com/prwebaccess.jsp...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2016/08/08 12:0 a.m.40 views

Navis WebAccess SQL Injection

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Product - Navis WebAccess - SQL Injection Date - 8/8/2016 Author - bRpsd Skype: vegnox Vendor HomePage - http://www.navis.com/ Product Download - http://navis.com/prwebaccess.jsp currently under maintenance Product Version - Express/All...

0.7AI score
Exploits0
Microsoft KB
Microsoft KB
added 2016/07/12 7:0 a.m.37 views

MS16-091: Description of the security update for the .NET Framework 4.5.2 in Windows Server 2012: July 12, 2016

MS16-091: Description of the security update for the .NET Framework 4.5.2 in Windows Server 2012: July 12, 2016 View products that this article applies to. Summary This update resolves a vulnerability in the Microsoft .NET Framework. The vulnerability could cause information disclosure if an...

7.5CVSS7.3AI score0.24665EPSS
Exploits0
Kitploit
Kitploit
added 2015/06/23 8:34 p.m.86 views

TeemIp - IP Address Management Solution

All network administrators do recognize how important it is to have a well managed IP space: a comprehensive and up to date inventory of all subnets and IPs used in a network as well as clear and simple processes to request, change or release IPs are underlying key factors for a trouble free...

7.2AI score
Exploits0
CNVD
CNVD
added 2015/03/05 12:0 a.m.2 views

Loxone Smart Home Denial of Service Vulnerability

Loxone Smart Home is a WEB-based application. A denial of service vulnerability exists in Loxone Smart Home, which allows attackers to bypass certain security restrictions and launch denial of service attacks...

6.8AI score
Exploits0References1
Rows per page
Query Builder