CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Github Security Blog•added 2025/11/17 6:15 p.m.•5 views

@dependencytrack/frontend vulnerable to Persistent Cross-Site-Scripting via welcome message

Description Since version 4.12.0, Dependency-Track users with the SYSTEMCONFIGURATION permission can configure a "welcome message", which is HTML that is to be rendered on the login page for branding purposes. When rendering the welcome message, Dependency-Track versions before 4.13.6 did not...

4.8CVSS7.1AI score0.0019EPSS

Exploits0References6Affected Software1

Cvelist•added 2025/11/17 5:24 p.m.•7 views

CVE-2025-64758 @dependencytrack/frontend Vulnerable to Persistent Cross-Site-Scripting via Welcome Message

4.8CVSS0.0019EPSS

OSV•added 2025/11/17 5:24 p.m.•5 views

CVE-2025-64758 @dependencytrack/frontend Vulnerable to Persistent Cross-Site-Scripting via Welcome Message

4.8CVSS6.9AI score0.0019EPSS

Exploits0References6

Vulnrichment•added 2025/11/17 5:24 p.m.•3 views

CVE-2025-64758 @dependencytrack/frontend Vulnerable to Persistent Cross-Site-Scripting via Welcome Message

4.8CVSS6.5AI score0.0019EPSS

CVE•added 2025/11/17 5:24 p.m.•10 views

CVE-2025-64758

CVE-2025-64758 affects Dependency-Track frontend (SPA). From 4.12.0 up to before 4.13.6, administrators with SYSTEM_CONFIGURATION could configure a login-page welcome message that was not properly sanitized, allowing arbitrary JavaScript to execute in users’ browsers. The issue results in a persi...

4.8CVSS6.6AI score0.0019EPSS

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2017-3936

Malware in sbrugna...

5.3CVSS5.5AI score0.01589EPSS

Kitploit•added 2019/02/10 1:13 p.m.•203 views

Hontel - Telnet Honeypot

HonTel is a Honeypot for Telnet service. Basically, it is a Python v2.x application emulating the service inside the chroot environment. Originally it has been designed to be run inside the Ubuntu environment, though it could be easily adapted to run inside any Linux environment. Documentation:...

7.5AI score

Exploits0References3

CNVD•added 2017/12/04 12:0 a.m.•1 views

Cisco WebEx Meeting Server Security Bypass Vulnerability

Cisco WebEx Meeting Server is the United States Cisco Cisco WebEx meeting program in a set of multifunctional meeting solutions that include audio, video and Web conferencing. A security vulnerability exists in Cisco WebEx Meeting Server that stems from the program's failure to implement adequate...

5.3CVSS6.8AI score0.01589EPSS

Exploits0References1

Prion•added 2017/11/30 9:29 a.m.•16 views

Security feature bypass

A vulnerability in Cisco WebEx Meeting Server could allow an unauthenticated, remote attacker to modify the welcome message of a meeting on an affected system. The vulnerability is due to insufficient security settings on meetings. An attacker could exploit this vulnerability by modifying the...

5CVSS5.2AI score0.01589EPSS

Exploits0References3Affected Software1

Cvelist•added 2017/11/30 9:0 a.m.•14 views

CVE-2017-12363

5.3AI score0.01589EPSS

Exploits0References3

Cisco•added 2017/11/29 4:0 p.m.•33 views

Cisco WebEx Meeting Server Unauthorized Welcome Message Modification Vulnerability

5.3CVSS5.3AI score0.01589EPSS

Exploits0References1

Citrix•added 2016/10/05 12:0 a.m.•7 views

How to add a pre-log in or post-log in message for users in an on-prem Storefront environment

With on-prem Storefront, administrators can customise their users' pre-log in or post log-in experience by adding a pop-up welcome message...

OpenVAS•added 2016/02/11 12:0 a.m.•65 views

Adobe Experience Manager (AEM) Detection (HTTP)

HTTP based detection of Adobe Experience Manager AEM. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

seebug.org•added 2014/07/01 12:0 a.m.•16 views

MDaemon Mailer Daemon 11.0.1 - Remote File Disclosure

No description provided by source. MDaemon Mailer Daemon Version 11.0.1 LATEST Remote File Disclosure Bug Found & Exploited by Kingcope May 2010 The latest version at the time of this advisory is vulnerble to the attack. It seems all files which the SYSTEM account can read can be accessed remotel...

seebug.org•added 2014/07/01 12:0 a.m.•22 views

ProFTP 2.9 Banner Remote Buffer Overflow Exploit

No description provided by source. $Id: proftpbanner.rb 9669 2010-07-03 03:13:45Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

seebug.org•added 2014/07/01 12:0 a.m.•11 views

CrystalFTP Pro 2.8 - Remote Buffer Overflow Exploit

No description provided by source. / CrystalFTP Pro v2.8 Buffer Overflow Exploit 04/25/2005 despite the fact that nobody uses CrystalFTP i had to release a new version that replaces the first one. this overwrites the structured exception handler with a pop edx pop eax ret in kernel32.dll. this...

Metasploit•added 2010/10/12 5:31 p.m.•21 views

Simple FTP Client Fuzzer

This module will serve an FTP server and perform FTP client interaction fuzzing This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Fuzzer written by corelanc0d3r -...