Lucene search
+L

158 matches found

Tenable Nessus
Tenable Nessus
added 2018/11/05 12:0 a.m.28 views

YUI < 2.9.0 Cross-site Scripting

According to its self-reported version number, YUI is prior to 2.9.0. Therefore, it may be affected by a cross-site scripting vulnerability in the addItem method in the Menu widget. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reporte...

4.3CVSS6.5AI score0.0223EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/11/05 12:0 a.m.56 views

YUI 2.4.0 < 3.0.0 Cross-site Scripting

According to its self-reported version number, YUI is at least 2.4.0 and prior to 3.0.0. Therefore, it may be affected by a cross-site scripting vulnerability via YUI .swf files. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported...

4.3CVSS6.6AI score0.02454EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/11/05 12:0 a.m.16 views

YUI 3.0.0 < 3.10.1 Cross-site Scripting

According to its self-reported version number, YUI is at least 3.0.0 and prior to 3.10.1 or 3.10.2. Therefore, it may be affected by a cross-site scripting vulnerability via YUI io.swf file. Note that the scanner has not tested for these issues but has instead relied only on the application's...

4.3CVSS6.6AI score0.01492EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/11/05 12:0 a.m.21 views

YUI 3.10.2 Cross-site Scripting

According to its self-reported version number, YUI is at least 3.0.0 and prior to 3.10.1 or 3.10.2. Therefore, it may be affected by a cross-site scripting vulnerability via YUI io.swf file. Note that the scanner has not tested for these issues but has instead relied only on the application's...

4.3CVSS6.6AI score0.01492EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/11/05 12:0 a.m.16 views

YUI 3.5.0-PR1 < 3.5.1 Cross-site Scripting

According to its self-reported version number, YUI is at least 3.5.0-PR1 and prior to 3.5.1. Therefore, it may be affected by a cross-site scripting vulnerability involving the ARIA live region and text results. Note that the scanner has not tested for these issues but has instead relied only on...

6.6AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2018/11/05 12:0 a.m.30 views

YUI 3.0.0 < 3.10.0 Cross-site Scripting

According to its self-reported version number, YUI is at least 3.0.0 and prior to 3.10.0. Therefore, it may be affected by a cross-site scripting vulnerability via YUI .swf files used in the IO Utility and Uploader components. Note that the scanner has not tested for these issues but has instead...

4.3CVSS6.6AI score0.02454EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/11/05 12:0 a.m.22 views

YUI 2.4.0 < 2.8.2 Cross-site Scripting

According to its self-reported version number, YUI is at least 2.4.0 and prior to 2.8.2. Therefore, it may be affected by a cross-site scripting vulnerability via YUI .swf files. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported...

4.3CVSS6.6AI score0.04309EPSS
Exploits0References2
CNVD
CNVD
added 2018/10/12 12:0 a.m.6 views

SugarCRM Community Edition Cross-Site Scripting Vulnerability

SugarCRM Community Edition is an open source Customer Relationship Management CRM system from SugarCRM USA. The system supports differentiated marketing for different customer needs, managing and distributing sales leads, and enabling information sharing and tracking of sales representatives. A...

6.1CVSS6AI score0.04353EPSS
Exploits5References1
OSV
OSV
added 2018/10/10 9:29 p.m.7 views

CVE-2018-17784

Multiple vulnerabilities in YUI and FlashCanvas embedded in SugarCRM Community Edition 6.5.26 could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack on a targeted system...

6.1CVSS5.7AI score0.04353EPSS
Exploits5References3
NVD
NVD
added 2018/10/10 9:29 p.m.19 views

CVE-2018-17784

Multiple vulnerabilities in YUI and FlashCanvas embedded in SugarCRM Community Edition 6.5.26 could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack on a targeted system...

6.1CVSS6.1AI score0.04353EPSS
Exploits5References3
Prion
Prion
added 2018/10/10 9:29 p.m.14 views

Cross site scripting

Multiple vulnerabilities in YUI and FlashCanvas embedded in SugarCRM Community Edition 6.5.26 could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack on a targeted system...

4.3CVSS6AI score0.04353EPSS
Exploits5References3Affected Software1
CVE
CVE
added 2018/10/10 9:0 p.m.65 views

CVE-2018-17784

CVE-2018-17784: SugarCRM Community Edition 6.5.26 contains multiple XSS vulnerabilities in YUI/FlashCanvas, via components such as uploader.swf, io.swf and flashcanvas.swf. An unauthenticated, remote attacker can inject arbitrary web scripts on a target system. Evidence across sources confirms th...

6.1CVSS6AI score0.04353EPSS
Exploits5References3Affected Software1
Veracode
Veracode
added 2017/07/30 9:28 p.m.28 views

Cross-site Scripting (XSS)

Moodle is vulnerable to cross-site scripting XSS attacks. These attacks are possible through the io.swf component of Yahoo! YUI used within Moodle...

4.3CVSS5.2AI score0.01492EPSS
Exploits0References6Affected Software3
Node.js
Node.js
added 2017/03/24 5:40 p.m.73 views

Cross-Site Scripting

Overview Affected versions of yui are vulnerable to cross-site scripting in the uploader.swf and io.swf utilities, via script injection in the url. Recommendation YUI has published their recommendation to fix this issue. Their recommendation is to: - Delete self-hosted copies of these files if yo...

4.3CVSS1.6AI score0.01492EPSS
Exploits0Affected Software1
Kitploit
Kitploit
added 2016/02/05 9:11 p.m.20 views

VBScan 0.1.4 - Black Box vBulletin Vulnerability Scanner

VBScan is an opensource project in perl programming language to detect VBulletin CMS vulnerabilities and analyses them. Why VBScan ? If you want to do a penetration test on a vBulletin Forum, VBScan is Your best shot ever! This Project is being faster than ever and updated with the latest VBullet...

6.6AI score
Exploits0References3
Hacker One
Hacker One
added 2015/12/10 9:55 a.m.47 views

QIWI: [rubm.qiwi.com] Yui charts.swf XSS

Yui charts.swf XSS...

1.3AI score
Exploits0
Packet Storm
Packet Storm
added 2015/02/25 12:0 a.m.37 views

Cisco Ironport AsyncOS Cross Site Scripting

Cisco Ironport AsyncOS Cross Site Scripting Vendor: Cisco Product webpage: http://www.cisco.com Affected versions: Cisco Ironport ESA - AsyncOS 8.0.1-023 Cisco Ironport WSA - AsyncOS 8.5.5-022 Cisco Ironport SMA - AsyncOS 8.4.0-126 Date: 24/02/2015 Credits: Glafkos Charalambous CVE: CVE-2013-6780...

4.3CVSS6.4AI score0.02417EPSS
Exploits2
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.32 views

YUI Images Script Shell Upload Vulnerability

No description provided by source. Title: YUI Images Script Shell Upload Vulnerability Version: 1.0 Author: Mr.P3rfekT Software Link: http://momche.net/res/YUI-upload/html/momche-yui-upload.zip Tested on Lunix CVE : N/A Founded By Mr.P3rfekT Helllo Allz Exploit : http://127.0.0.1/YUI-upload/html...

7.1AI score
Exploits0
Kitploit
Kitploit
added 2014/05/08 2:0 a.m.34 views

Acunetix Web Vulnerability Scanner Version 9 - Web Application Security Testing Tool

Acunetix W eb V ulnerability S canner WVS is an automated web application security testing tool that audits your web applications by checking for exploitable hacking vulnerabilities. Automated scans may be supplemented and cross-checked with the variety of manual tools to allow for comprehensive...

7.9AI score
Exploits0
Packet Storm
Packet Storm
added 2014/01/10 12:0 a.m.103 views

vBulletin YUI 2.9.0 Cross Site Scripting

Author: TUNISIAN CYBER + Exploit Title: vBulletin YUI 2.9.0 Cross Site Scripting vulnerability + Date: 09-01-2014 + Category: WebApp + Google Dork: :inurl:"clientscript/yui/uploader/assets/" + Tested on: KaliLinux + Friend's blog: www.na3il.com +Description: YUI is a free, open source JavaScript...

0.1AI score
Exploits0
Rows per page
Query Builder