Lucene search
K

30 matches found

Prion
Prion
added 2017/01/23 9:59 p.m.16 views

Sql injection

SQL injection vulnerability in the XML-RPC interface in Movable Type Pro and Advanced 6.x before 6.1.3 and 6.2.x before 6.2.6 and Movable Type Open Source 5.2.13 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS9AI score0.01644EPSS
Exploits0References5Affected Software2
Cvelist
Cvelist
added 2017/01/23 9:0 p.m.24 views

CVE-2016-5742

SQL injection vulnerability in the XML-RPC interface in Movable Type Pro and Advanced 6.x before 6.1.3 and 6.2.x before 6.2.6 and Movable Type Open Source 5.2.13 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

10AI score0.01644EPSS
Exploits0References5
Hacker One
Hacker One
added 2016/06/20 7:16 p.m.145 views

Nextcloud: WordPress Vulnerabilities: User Enumeration, Vulnerable Akismet Plugin, XML-RPC Interface available

User Enumeration: It is possible to enumerate four WordPress usernames jancborchardt, jos, lukasreschke, frank. An attacker can use these username to carry out brute-force attack in order to forcefully authenticate. 2. Akismet Plugin2.5.0-3.1.4 vulnerable to unauthenticated Stored Cross Site...

0.7AI score
Exploits0
Positive Technologies
Positive Technologies
added 2016/04/14 12:0 a.m.8 views

PT-2016-3556 · Red Hat · Spacewalk +1

Name of the Vulnerable Software and Affected Versions: Spacewalk and Red Hat Satellite version 5.7 Description: A cross-site scripting XSS issue exists, allowing remote authenticated users to inject arbitrary web script or HTML via crafted XML data to the XMLRPC API, involving user details...

6.1CVSS5.6AI score0.01578EPSS
Exploits0References44
OpenVAS
OpenVAS
added 2015/03/12 12:0 a.m.35 views

Debian Security Advisory DSA 3183-1 (movabletype-opensource - security update)

Multiple vulnerabilities have been discovered in Movable Type, a blogging system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-2184 Unsafe use of Storable::thaw in the handling of comments to blog posts could allow remote attackers to include and...

7.5CVSS0.6AI score0.75029EPSS
Exploits5References1
NVD
NVD
added 2014/12/16 6:59 p.m.24 views

CVE-2014-9057

SQL injection vulnerability in the XML-RPC interface in Movable Type before 5.18, 5.2.x before 5.2.11, and 6.x before 6.0.6 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS8.2AI score0.01989EPSS
Exploits0References4
Metasploit
Metasploit
added 2013/02/08 8:43 p.m.23 views

Titan FTP Administrative Password Disclosure

On Titan FTP servers prior to version 9.14.1628, an attacker can retrieve the username and password for the administrative XML-RPC interface, which listens on TCP Port 31001 by default, by sending an XML request containing bogus authentication information. After sending this request, the server...

0.2AI score
Exploits2
UbuntuCve
UbuntuCve
added 2008/05/07 8:20 p.m.37 views

CVE-2008-2104

The WebService in Bugzilla 3.1.3 allows remote authenticated users without canconfirm privileges to create NEW or ASSIGNED bug entries via a request to the XML-RPC interface, which bypasses the canconfirm check...

4CVSS5.9AI score0.0093EPSS
Exploits0References1
NVD
NVD
added 2008/05/07 8:20 p.m.25 views

CVE-2008-2104

The WebService in Bugzilla 3.1.3 allows remote authenticated users without canconfirm privileges to create NEW or ASSIGNED bug entries via a request to the XML-RPC interface, which bypasses the canconfirm check...

4CVSS6.3AI score0.0093EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2005/05/24 12:0 a.m.4 views

PT-2005-2673 · Postnuke · Postnuke

Name of the Vulnerable Software and Affected Versions: PostNuke versions 0.750 through 0.760RC3 Description: The issue allows remote attackers to obtain sensitive information via direct requests to various files, including theme.php and Xanthia.php in the Xanthia module, multiple files in the...

5CVSS6.2AI score0.01125EPSS
Exploits0References2
Rows per page
Query Builder