644 matches found
CVE-2017-6617
A vulnerability in the session identification management functionality of the web-based GUI of Cisco Integrated Management Controller (IMC) 3.01c could allow an unauthenticated, remote attacker to hijack a valid user session on an affected system. The vulnerability exists because the affected...
CVE-2017-3828
A vulnerability in the web-based management interface of Cisco Unified Communications Manager Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. More Information:...
Cross site scripting
A vulnerability in the web-based management interface of Cisco Unified Communications Manager Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. More Information:...
CVE-2017-3828
Cisco Unified Communications Manager (CUCM) Switches Web UI is vulnerable to cross-site scripting (XSS) via unauthenticated remote access. The issue arises from insufficient validation of user-supplied input in the web-based management interface, enabling an attacker to execute script in a user's...
Cross site scripting
A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) Switches could allow an unauthenticated, remote attacker to conduct a persistent cross-site scripting (XSS) attack against a user of the affected interface on an affected device. More Information: CSCvb37346...
Honeywell Experion PKS Denial of Service Vulnerability
Honeywell EPKS is a family of distributed control system solutions for the automation and control of industrial and manufacturing processes, including web-based SCADA systems. A denial of service vulnerability exists in Honeywell Experion PKS. An attacker could exploit this vulnerability to trigger a denial of...
Cisco Videoscape Distribution Suite Service Manager Reflective Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Videoscape Distribution Suite Service Manager (VDS-SM) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The...
Debian DSA-3627-1 : phpmyadmin - security update
Several vulnerabilities have been fixed in phpMyAdmin, the web-based MySQL administration interface. - CVE-2016-1927 The suggestPassword function relied on a non-secure random number generator which makes it easier for remote attackers to guess generated passwords via a brute-force approach. -...
Cisco RV110W, RV130W, and RV215W Routers XSS Vulnerability
A vulnerability in the web-based management interface of Cisco RV110W Wireless-N VPN Firewalls, Cisco RV130W Wireless-N Multifunction VPN Routers, and Cisco RV215W Wireless-N VPN Routers could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of...
Cisco Wireless LAN Controller Management Interface Denial of Service Vulnerability
A vulnerability in the web-based management interface of Cisco Wireless LAN Controller (WLC) devices running Cisco AireOS Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to the...
ABB Panel Builder 800 DLL Handling Vulnerability
ABB Panel Builder 800 is a web-based HMI (Human Machine Interface) system. ABB Panel Builder fails to properly handle DLL files, allowing an attacker to inject and execute arbitrary code using a DLL with an unspecified absolute path...
XZERES 442SR Wind Turbine Cross Site Scripting
XZERES 442SR Wind Turbine Cross-site Scripting Vulnerability AFFECTED PRODUCTS XZERES is a US-based energy company that maintains offices in several countries around the world, including the UK, Italy, Japan, Vietnam, Philippines, and Myanmar. The affected product, 442SR Wind Turbine, has a...
Motorola Solutions MOSCAD SCADA IP Gateway Arbitrary File Download Vulnerability
Motorola Solutions MOSCAD SCADA IP Gateway is a web-based SCADA system from Motorola Solutions that provides management functions. An arbitrary file download vulnerability exists in Motorola Solutions MOSCAD SCADA IP Gateway. A remote attacker could use this vulnerability to read arbitra...
PHPMyRecipes 1.2.2 - browse.php?category SQL Injection
PHPMyRecipes 1.2.2 - browse.php?category SQL Injection Exploit Title : phpMyRecipes 1.2.2 SQL injection page browse.php, parameter category Author : Manish Kishan Tanwar Download Link : http://prdownloads.sourceforge.net/php-myrecipes/phpMyRecipes-1.2.2.tar.gz?download Date : 23/12/2014 Discovered...
[CVE-2014-5335] CSRF in Innovaphone PBX
Title: Innovaphone PBX Admin-GUI CSRF Impact: High CVSS2 Score: 7.8 AV:N/AC:M/Au:S/C:P/I:C/A:C/E:F/RL:U/RC:C Announced: August 21, 2014 Reporter: Rainer Giedat NSIDE ATTACK LOGIC GmbH, www.nsideattacklogic.de Products: Innovaphone PBX Administration GUI Affected Versions: all known versions teste...
Innovaphone PBX Cross Site Request Forgery
Title: Innovaphone PBX Admin-GUI CSRF Impact: High CVSS2 Score: 7.8 AV:N/AC:M/Au:S/C:P/I:C/A:C/E:F/RL:U/RC:C Announced: August 21, 2014 Reporter: Rainer Giedat NSIDE ATTACK LOGIC GmbH, www.nsideattacklogic.de Products: Innovaphone PBX Administration GUI Affected Versions: all known versions teste...
SurfControl SuperScout Email Filter 3.5 MsgError.ASP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5928/info SurfControl SuperScout Email Filter comes with a web-based interface to provide remote access to administrative facilities. The web-based admin interface is prone to cross-site scripting attacks. It is possible ...
Webmin 0.x Script Code Input Validation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4329/info Webmin is a web-based interface for system administration of Unix and Linux operating systems. Webmin does not filter script code from output that may be displayed by the web interface, such as log files, etc...
Microsoft Indexing Service Query Validation Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/19927/info Microsoft Indexing Service is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input before it is rendered to other users. An attacker may leverage...
SurfControl SuperScout Email Filter 3.5 User Credential Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5929/info SurfControl SuperScout Email Filter comes with a web-based interface to provide remote access to administrative facilities. One of the files (userlist.asp) that comes with the web interface contains a listing of...