Lucene search
+L

79 matches found

OSV
OSV
added 2020/03/30 8:9 p.m.24 views

GHSA-MCX4-F5F5-4859 Prevent cache poisoning via a Response Content-Type header in Symfony

Description ----------- When a Response does not contain a Content-Type header, Symfony falls back to the format defined in the Accept header of the request, leading to a possible mismatch between the response's content and Content-Type header. When the response is cached, this can lead to a...

2.6CVSS4.6AI score0.01297EPSS
Exploits0References8
Github Security Blog
Github Security Blog
added 2020/03/30 8:9 p.m.64 views

Prevent cache poisoning via a Response Content-Type header in Symfony

Description ----------- When a Response does not contain a Content-Type header, Symfony falls back to the format defined in the Accept header of the request, leading to a possible mismatch between the response's content and Content-Type header. When the response is cached, this can lead to a...

4.3CVSS4.3AI score0.01297EPSS
Exploits0References9Affected Software2
Nvidia
Nvidia
added 2019/12/03 12:0 a.m.45 views

Security Bulletin: Jetson AGX Xavier, TK1, TX1, TX2, and Nano L4T- December 2019

NVIDIA has released a software security update for Jetson AGX Xavier, TK1,TX1, TX2, and Nano in the NVIDIA® Tegra® Linux Driver Package L4T. The update addresses issues that may lead to code execution, denial of service, escalation of privileges, or information disclosure. To protect your system,...

9.3CVSS7.3AI score0.00816EPSS
Exploits0Affected Software5
CNVD
CNVD
added 2019/07/30 12:0 a.m.3 views

Xavier PHP Management Panel Buffer Overflow Vulnerability

Xavier PHP Management Panel is a website user management system. A buffer overflow vulnerability exists in Xavier PHP Management Panel version 3.0. The vulnerability arises when a web system or product performs an operation in memory without properly validating data boundaries, resulting in an...

6.1CVSS7.3AI score0.0043EPSS
Exploits1References1
NVD
NVD
added 2019/07/26 1:15 p.m.24 views

CVE-2019-14228

Xavier PHP Management Panel 3.0 is vulnerable to Reflected POST-based XSS via the username parameter when registering a new user at admin/includes/adminprocess.php. If there is an error when registering the user, the unsanitized username will reflect via the error page. Due to the lack of CSRF...

6.1CVSS6.1AI score0.0043EPSS
Exploits1References2
CVE
CVE
added 2019/07/26 12:35 p.m.339 views

CVE-2019-14228

Xavier PHP Management Panel 3.0 is affected by a Reflected POST-based XSS in the username parameter during new user registration via admin/includes/adminprocess.php. The XSS reflects on the error page when registration fails, and the vulnerability is exacerbated by the absence of CSRF protection ...

6.1CVSS6AI score0.0043EPSS
Exploits1References2Affected Software1
0day.today
0day.today
added 2019/07/14 12:0 a.m.36 views

Linux/x86 - chmod 666 /etc/passwd & chmod 666 /etc/shadow Shellcode (61 bytes)

Exploit Title: Linux/x86 - chmod 666 /etc/passwd & chmod 666 /etc/shadow 61 bytes Date: 10/07/2019 Exploit Author: Xavier Invers Fornells Contact: email protected Tested on: Debian 4.19.28 Architecture: x86 Size: 61 bytes chmod.nasm global start section .text start: push byte 15 pop eax push byte...

7.4AI score
Exploits0
CNVD
CNVD
added 2017/11/03 12:0 a.m.4 views

Xavier PHP Management Panel SQL Injection Vulnerability

Xavier PHP Management Panel is a PHP-based web content protection script. A SQL injection vulnerability exists in Xavier PHP Management Panel version 2.4. A remote attacker can inject malicious SQL commands into the admin/adminuseredit.php file by sending the 'usertoedit' parameter or the...

7.2CVSS8.3AI score0.00928EPSS
Exploits3References1
Prion
Prion
added 2017/10/28 12:29 a.m.14 views

Sql injection

Xavier PHP Management Panel 2.4 allows SQL injection via the usertoedit parameter to admin/adminuseredit.php or the logid parameter to admin/editgroup.php...

6.5CVSS7.4AI score0.00928EPSS
Exploits3References1Affected Software1
OSV
OSV
added 2017/10/28 12:29 a.m.5 views

CVE-2017-15949

Xavier PHP Management Panel 2.4 allows SQL injection via the usertoedit parameter to admin/adminuseredit.php or the logid parameter to admin/editgroup.php...

7.2CVSS5.8AI score0.00928EPSS
Exploits3References1
NVD
NVD
added 2017/10/28 12:29 a.m.19 views

CVE-2017-15949

Xavier PHP Management Panel 2.4 allows SQL injection via the usertoedit parameter to admin/adminuseredit.php or the logid parameter to admin/editgroup.php...

7.2CVSS7.5AI score0.00928EPSS
Exploits3References1
Cvelist
Cvelist
added 2017/10/28 12:0 a.m.21 views

CVE-2017-15949

Xavier PHP Management Panel 2.4 allows SQL injection via the usertoedit parameter to admin/adminuseredit.php or the logid parameter to admin/editgroup.php...

7.4AI score0.00928EPSS
Exploits3References1
CVE
CVE
added 2017/10/28 12:0 a.m.55 views

CVE-2017-15949

CVE-2017-15949 affects Xavier PHP Management Panel 2.4. The vulnerability is an SQL injection in the admin/adminuseredit.php endpoint (parameter: usertoedit) and in admin/editgroup.php (parameter: log_id). Exploitation could allow an attacker to inject SQL commands and potentially take control of...

7.2CVSS7.4AI score0.00928EPSS
Exploits3References1Affected Software1
Trend Micro Simply Security
Trend Micro Simply Security
added 2017/06/16 1:0 p.m.22 views

This Week in Security News

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2017/06/13 12:32 a.m.20 views

Beware! Over 800 Android Apps on Google Play Store Contain 'Xavier' Malware

Over 800 different Android apps that have been downloaded millions of times from Google Play Store found to be infected with malicious ad library that silently collects sensitive user data and can perform dangerous operations. Dubbed "Xavier," the malicious ad library, initially emerged in...

7.5AI score
Exploits0
CNVD
CNVD
added 2017/06/08 12:0 a.m.4 views

Xavier SQL Injection Vulnerability

Xavier - PHP is a login script and user management administration panel. Xavier suffers from a SQL injection vulnerability. Allows attackers to exploit the vulnerability to obtain sensitive information...

7.9AI score
Exploits0References1
0day.today
0day.today
added 2017/06/07 12:0 a.m.129 views

Xavier 2.4 - SQL Injection Vulnerability

Exploit for php platform in category web applications Document Title: =============== Xavier v2.4 PHP MP - SQL Injection Web Vulnerabilities Vulnerability Class: ==================== SQL Injection Current Estimated Price: ======================== 1.000€ - 2.000€ Product & Service Introduction:...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2017/06/07 12:0 a.m.28 views

Xavier 2.4 - SQL Injection

Xavier 2.4 - SQL Injection Document Title: =============== Xavier v2.4 PHP MP - SQL Injection Web Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2076 Release Date: ============= 2017-06-06 Vulnerability Laboratory ID VL-ID:...

0.9AI score
Exploits0
Exploit DB
Exploit DB
added 2017/06/07 12:0 a.m.72 views

Xavier 2.4 - SQL Injection

Document Title: =============== Xavier v2.4 PHP MP - SQL Injection Web Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2076 Release Date: ============= 2017-06-06 Vulnerability Laboratory ID VL-ID: ==================================== 20...

7.4AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2017/06/06 12:0 a.m.93 views

Xavier v2.4 PHP MP - SQL Injection Web Vulnerabilities

Document Title: =============== Xavier v2.4 PHP MP - SQL Injection Web Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2076 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15949 CVE-ID: ======= CVE-2017-15949 Release Date:...

6.5CVSS7AI score0.00928EPSS
Exploits3
Rows per page
Query Builder