Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2026/03/05 1:57 a.m.4 views

CVE-2026-3266

Missing Authorization vulnerability in OpenText™ Filr allows Authentication Bypass. The vulnerability could allow unauthenticated users to get XSRF token and do RPC with carefully crafted programs. This issue affects Filr: through 25.1.2...

9.8CVSS5.9AI score0.00342EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-1040

Malware in sbrugna...

8.8CVSS8.8AI score0.0072EPSS
Exploits0References4
Veracode
Veracode
added 2024/01/22 5:58 a.m.27 views

Information Disclosure

jupyterlab is vulnerable to Information Disclosure. The vulnerability is due to a lack of URL validation or sanitization, which could potentially allow an attacker to craft a malicious URL that exposes sensitive information such as Authorization and XSRF tokens when the link is clicked on...

7.6CVSS6.4AI score0.00665EPSS
Exploits0References4Affected Software2
Cvelist
Cvelist
added 2019/02/15 6:0 p.m.23 views

CVE-2019-0267

SAP Manufacturing Integration and Intelligence, versions 15.0, 15.1 and 15.2, Illuminator Servlet currently does not provide Anti-XSRF tokens. This might lead to XSRF attacks in case the data is being posted to the Servlet from an external application...

8.6AI score0.0072EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2014/08/11 12:0 a.m.14 views

Halon Security Router < 3.2r2 Multiple Vulnerabilities

According to its self-reported version, the instance of Halon Security Router running on the remote host is affected by multiple vulnerabilities : - Multiple reflected cross-site scripting vulnerabilities exist in the web interface due to a failure to sanitize user-supplied input. - Multiple...

5.2AI score
Exploits0
Hacker One
Hacker One
added 2014/02/21 1:47 a.m.52 views

Internet Bug Bounty: Flash local-with-fileaccess Sandbox Bypass

The proof of concept attached will exploit the implementation of flash in some browsers that will bypass the local-with-fileaccess sandbox. By encoding in ignored file:// uri characters, and navigating to another page with a decoder script. one is able to read arbitrary files AND parse it to the...

5CVSS6AI score0.04725EPSS
Exploits1
0day.today
0day.today
added 2012/05/03 12:0 a.m.39 views

OpenKM Document Management System 5.1.7 Command Execution

Exploit for jsp platform in category web applications COMPASS SECURITY ADVISORY http://www.csnc.ch/ ID: COMPASS-2012-002 Product: OpenKM Document Management System 5.1.7 1 Vendor: OpenKM http://www.openkm.com/ Subject: Cross-site Request Forgery based OS Command Execution Risk: High Effect:...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2012/01/09 12:0 a.m.116 views

OpenKM 5.1.7 OS Command Execution &#40;XSRF based&#41;

COMPASS SECURITY ADVISORY http://www.csnc.ch/ ID: COMPASS-2012-002 Product: OpenKM Document Management System 5.1.7 1 Vendor: OpenKM http://www.openkm.com/ Subject: Cross-site Request Forgery based OS Command Execution Risk: High Effect: Remotely exploitable Author: Cyrill Brunschwiler...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2011/02/10 12:0 a.m.30 views

Drupal CAPTCHA Logic Security Flaw

Drupal Captcha bruteforcing bypass This is a Proof Of Concept to demonstrate a logic security flow in the way drupal captcha is used to protect login forms from bruteforce. If the captcha challenge is solved, the next login attempts can be issued without solving any new captcha challenge. Usage:...

7.4AI score
Exploits0
Rows per page
Query Builder