Lucene search
+L

84 matches found

Openbugbounty
Openbugbounty
added 2020/11/08 12:20 p.m.10 views

m.anli.jiaju.sina.com.cn Cross Site Scripting vulnerability OBB-1493777

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Exploits0
The Hacker News
The Hacker News
added 2020/07/24 8:56 a.m.66 views

Researchers Reveal New Security Flaw Affecting China's DJI Drones

Cybersecurity researchers on Thursday revealed security issues in the Android app developed by Chinese drone-maker Da Jiang Innovations DJI that comes with an auto-update mechanism that bypasses Google Play Store and could be used to install malicious applications and transmit sensitive personal...

7.2AI score
Exploits0
CNVD
CNVD
added 2020/02/11 12:0 a.m.5 views

omniauth-weibo-oauth2 gem for Ruby Code Execution Vulnerability

The omniauth-weibo-oauth2 gem for Ruby is a Ruby-based authentication package. A security vulnerability exists in the omniauth-weibo-oauth2 gem for Ruby version 0.4.6 deployed on RubyGems.org. An attacker can exploit the vulnerability to execute code...

9.8CVSS7.3AI score0.02437EPSS
Exploits0References1
OSV
OSV
added 2020/02/07 2:15 p.m.5 views

CVE-2019-17268

The omniauth-weibo-oauth2 gem 0.4.6 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. Versions through 0.4.5, and 0.5.1 and later, are unaffected...

9.8CVSS5.8AI score0.02437EPSS
Exploits0References2
Prion
Prion
added 2020/02/07 2:15 p.m.14 views

Buffer overflow

The omniauth-weibo-oauth2 gem 0.4.6 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. Versions through 0.4.5, and 0.5.1 and later, are unaffected...

7.5CVSS9.5AI score0.02437EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2020/02/07 1:51 p.m.70 views

CVE-2019-17268

The CVE-2019-17268 entry concerns the Ruby gem omniauth-weibo-oauth2.0.4.6 distributed on RubyGems.org, which contains a code-execution backdoor inserted by a third party. The vulnerability affects version 0.4.6; versions through 0.4.5, and 0.5.1 and later, are unaffected. The root cause is malic...

9.8CVSS9.4AI score0.02437EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2019/12/18 12:0 a.m.5 views

Unspecified Vulnerability in CloudBees Jenkins Weibo Plugin

CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . A security vulnerability exis...

5.5CVSS6.8AI score0.0033EPSS
Exploits0References1
OSV
OSV
added 2019/12/17 3:15 p.m.3 views

CVE-2019-16572

Jenkins Weibo Plugin 1.0.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...

5.5CVSS5.8AI score0.0033EPSS
Exploits0References2
NVD
NVD
added 2019/12/17 3:15 p.m.18 views

CVE-2019-16572

Jenkins Weibo Plugin 1.0.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...

5.5CVSS5.5AI score0.0033EPSS
Exploits0References2
Prion
Prion
added 2019/12/17 3:15 p.m.15 views

Design/Logic Flaw

Jenkins Weibo Plugin 1.0.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...

2.1CVSS5.4AI score0.0033EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2019/12/17 2:40 p.m.10 views

CVE-2019-16572

Jenkins Weibo Plugin 1.0.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...

6.7AI score0.0033EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/12/17 2:40 p.m.21 views

CVE-2019-16572

Jenkins Weibo Plugin 1.0.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...

5.4AI score0.0033EPSS
Exploits0References2
CVE
CVE
added 2019/12/17 2:40 p.m.64 views

CVE-2019-16572

CVE-2019-16572 affects Jenkins Weibo Plugin versions 1.0.1 and earlier. Root cause: credentials are stored unencrypted in the plugin’s global configuration file on the Jenkins master, enabling access by users with master file-system access. Consequences stated across connected sources include exp...

5.5CVSS5.4AI score0.0033EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2019/12/17 12:0 a.m.6 views

PT-2019-14727 · Jenkins · Jenkins Weibo Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Weibo Plugin versions 1.0.1 and earlier Description: The issue allows credentials to be stored unencrypted in the global configuration file on the Jenkins master. This can be viewed by users with access to the master file system...

5.5CVSS6.5AI score0.0033EPSS
Exploits0References5
n0where
n0where
added 2018/08/22 5:26 p.m.33 views

Social Media Enumeration & Correlation Tool: Social Mapper

Social Mapper is a Open Source Intelligence Tool that uses facial recognition to correlate social media profiles across different sites on a large scale. It takes an automated approach to searching popular social media sites for targets names and pictures to accurately detect and group a person’s...

Exploits0References1
Kitploit
Kitploit
added 2018/08/12 1:10 p.m.22 views

Social Mapper - A Social Media Enumeration & Correlation Tool

A Social Media Mapping Tool that correlates profiles via facial recognition by Jacob WilkinGreenwolf Social Mapper is a Open Source Intelligence Tool that uses facial recognition to correlate social media profiles across different sites on a large scale. It takes an automated approach to searchin...

7.2AI score
Exploits0References2
CNVD
CNVD
added 2017/09/08 12:0 a.m.3 views

IBOS Enterprise Collaboration Management Software WeiboController.php page actionFollowing function has SQL injection vulnerability

IBOS Enterprise Collaboration Management Software is a PHP-based collaborative office management system. A SQL injection vulnerability exists in the WeiboController.php page of IBOS Enterprise Collaboration Management Software. An attacker is allowed to exploit the vulnerability to obtain sensiti...

7.6AI score
Exploits0
myhack58
myhack58
added 2017/03/16 12:0 a.m.212 views

The Struts S2-045 vulnerability heat analysis-vulnerability warning-the black bar safety net

Author: janesknow Chong Yu 404 laboratory Date: 2017-03-15 Background description Struts2 official to GMT 2017 3 December 6, 10pm published Struts2 there is a remote code execution vulnerability vulnerability number S2-045, CVE number: CVE-2017-5638, and rated as high-risk vulnerabilities. Becaus...

10CVSS0.99999EPSS
Exploits44
Kitploit
Kitploit
added 2016/09/30 2:46 p.m.210 views

QrlJacker - QrlJacking Exploitation Framework

A python framework which goal is to exploit QrlJacking attack vector easily Installation Requirements Python 2.7.x Requests Pillow Selenium configparser Installation on Windows After downloading the framework cd QrlJacking-Framework pip install -r requirements.txt python QRLJacker.py Installation...

7.2AI score
Exploits0References2
Openbugbounty
Openbugbounty
added 2016/07/18 9:38 a.m.23 views

weibo.com XSS vulnerability

Vulnerable URL: http://www.weibo.com/signup/signup.php?lang=zh-hk&"-alert/OPENBUGBOUNTY//////=qiyewei Details: Description| Value ---|--- Patched:| Yes, at 07.02.2017 Latest check for patch:| 07.02.2017 10:33 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 20 VI...

6.2AI score
Exploits0
Rows per page
Query Builder