4143 matches found
DomainMOD 4.13.0 - Cross-Site Scripting
DomainMOD 4.13.0 is vulnerable to cross-site scripting via reporting/domains/cost-by-owner.php in the "or Expiring Between" parameter. id: CVE-2020-20988 info: name: DomainMOD 4.13.0 - Cross-Site Scripting author: arafatansari severity: medium description: | DomainMOD 4.13.0 is vulnerable to...
Jenkins <=2.218 - Information Disclosure
Jenkins through 2.218, LTS 2.204.1 and earlier, is susceptible to information disclosure. An attacker can access exposed session identifiers on a user detail object in the whoAmI diagnostic page and thus potentially access sensitive information, modify data, and/or execute unauthorized operations...
Jeesns 1.4.2 - Cross-Site Scripting
Jeesns 1.4.2 is vulnerable to reflected cross-site scripting in the /newVersion component and allows attackers to execute arbitrary web scripts or HTML. id: CVE-2020-19283 info: name: Jeesns 1.4.2 - Cross-Site Scripting author: pikpikcu severity: medium description: Jeesns 1.4.2 is vulnerable to...
Gridx 1.3 - Remote Code Execution
Gridx 1.3 is susceptible to remote code execution via tests/support/stores/testgridfilter.php, which allows remote attackers to execute arbitrary code via crafted values submitted to the $query parameter. id: CVE-2020-19625 info: name: Gridx 1.3 - Remote Code Execution author: geeknik severity:...
Z-Blog <=1.5.2 - Open Redirect
Z-Blog 1.5.2 and earlier contains an open redirect vulnerability via the redirect parameter in zbsystem/cmd.php. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2020-18268 info: name: Z-Blo...
WordPress Checklist <1.1.9 - Cross-Site Scripting
WordPress Checklist plugin before 1.1.9 contains a cross-site scripting vulnerability. The fill parameter is not correctly filtered in the checklist-icon.php file. id: CVE-2019-16525 info: name: WordPress Checklist 1.1.9 - Cross-Site Scripting author: daffainfo severity: medium description:...
Visualizer <3.3.1 - Blind Server-Side Request Forgery
Visualizer prior to 3.3.1 suffers from a blind server-side request forgery vulnerability via the /wp-json/visualizer/v1/upload-data endpoint. id: CVE-2019-16932 info: name: Visualizer 3.3.1 - Blind Server-Side Request Forgery author: akincibor severity: critical description: | Visualizer prior to...
Rumpus FTP Web File Manager 8.2.9.1 - Cross-Site Scripting
Rumpus FTP Web File Manager 8.2.9.1 contains a reflected cross-site scripting vulnerability via the Login page. An attacker can send a crafted link to end users and can execute arbitrary JavaScript. id: CVE-2019-19368 info: name: Rumpus FTP Web File Manager 8.2.9.1 - Cross-Site Scripting author:...
DomainMOD <=4.13.0 - Cross-Site Scripting
DomainMOD through 4.13.0 contains a cross-site scripting vulnerability via /reporting/domains/cost-by-month.php in Daterange parameters. id: CVE-2019-15811 info: name: DomainMOD =4.13.1 to mitigate this vulnerability. reference: - https://www.exploit-db.com/exploits/47325 -...
WordPress Download Manager <2.9.94 - Cross-Site Scripting
WordPress Download Manager plugin before 2.9.94 contains a cross-site scripting vulnerability via the category shortcode feature, as demonstrated by the orderby or searchpublishdate parameter. id: CVE-2019-15889 info: name: WordPress Download Manager 2.9.94 - Cross-Site Scripting author: daffainf...
L-Soft LISTSERV <16.5-2018a - Cross-Site Scripting
L-Soft LISTSERV before 16.5-2018a contains a reflected cross-site scripting vulnerability via the /scripts/wa.exe OK parameter. id: CVE-2019-15501 info: name: L-Soft LISTSERV 16.5-2018a - Cross-Site Scripting author: LogicalHunter,arafatansari severity: medium description: | L-Soft LISTSERV befor...
PilusCart <=1.4.1 - Local File Inclusion
PilusCart versions 1.4.1 and prior suffer from a file disclosure vulnerability via local file inclusion. id: CVE-2019-16123 info: name: PilusCart =1.4.2 or apply the vendor-supplied patch to mitigate the LFI vulnerability. reference: -...
WordPress My Calendar <= 3.1.9 - Cross-Site Scripting
WordPress plugin My Calendar = 3.1.10 or apply the vendor-provided patch to fix the XSS vulnerability. reference: - https://wpscan.com/vulnerability/9267 - https://wordpress.org/plugins/my-calendar/developers - https://nvd.nist.gov/vuln/detail/CVE-2019-15713 -...
WordPress Hero Maps Premium <=2.2.1 - Cross-Site Scripting
WordPress Hero Maps Premium plugin 2.2.1 and prior contains an unauthenticated reflected cross-site scripting vulnerability via the views/dashboard/index.php p parameter. id: CVE-2019-19134 info: name: WordPress Hero Maps Premium =2.2.2 or apply the vendor-provided patch to fix the XSS...
MicroStrategy Library <11.1.3 - Cross-Site Scripting
MicroStrategy Library before 11.1.3 contains a cross-site scripting vulnerability. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other...
Simple Employee Records System 1.0 - Unrestricted File Upload
Simple Employee Records System 1.0 contains an arbitrary file upload vulnerability due to client-side validation of file extensions. This can be used to upload executable code to the server to obtain access or perform remote command execution. id: CVE-2019-20183 info: name: Simple Employee Record...
Metinfo 7.0.0 beta - SQL Injection
Metinfo 7.0.0 beta is susceptible to SQL Injection in app/system/product/admin/productadmin.class.php via the admin/?n=product&c=productadmin&a=dopara&apptype=shop id parameter. id: CVE-2019-16996 info: name: Metinfo 7.0.0 beta - SQL Injection author: ritikchaddha severity: high description:...
Oracle Business Intelligence Publisher - XML External Entity Injection
Oracle Business Intelligence Publisher is vulnerable to an XML external entity injection attack. The supported versions affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. This easily exploitable vulnerability allows unauthenticated attackers with network access via HTTP to compromise BI Publishe...
WordPress API Bearer Auth <20190907 - Cross-Site Scripting
WordPress API Bearer Auth plugin before 20190907 contains a cross-site scripting vulnerability. The server parameter is not correctly filtered in swagger-config.yaml.php. id: CVE-2019-16332 info: name: WordPress API Bearer Auth 20190907 - Cross-Site Scripting author: daffainfo severity: medium...
DOMOS 5.5 - Local File Inclusion
SECUDOS DOMOS before 5.6 allows local file inclusion via the log module. id: CVE-2019-18665 info: name: DOMOS 5.5 - Local File Inclusion author: 0xAkoko severity: high description: | SECUDOS DOMOS before 5.6 allows local file inclusion via the log module. impact: | Successful exploitation of this...
Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager - Remote Code Execution
Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network EPN Manager could allow an authenticated, remote attacker to execute code with root-level privileges on the underlying operating system. This vulnerability exist because the software improperly validates user-supplied input. An...
Xiaomi Mi WiFi R3G Routers - Local file Inclusion
Xiaomi Mi WiFi R3G devices before 2.28.23-stable are susceptible to local file inclusion vulnerabilities via a misconfigured NGINX alias, as demonstrated by api-third-party/download/extdisks../etc/config/account. With this vulnerability, the attacker can bypass authentication. id: CVE-2019-18371...
Jfrog Artifactory <6.17.0 - Default Admin Password
Jfrog Artifactory prior to 6.17.0 uses default passwords such as "password" for administrative accounts and does not require users to change them. This may allow unauthorized network-based attackers to completely compromise of Jfrog Artifactory. id: CVE-2019-17444 info: name: Jfrog Artifactory...
ifw8 Router ROM v4.31 - Credential Discovery
ifw8 Router ROM v4.31 is vulnerable to credential disclosure via action/usermanager.htm HTML source code. id: CVE-2019-16313 info: name: ifw8 Router ROM v4.31 - Credential Discovery author: pikpikcu severity: high description: ifw8 Router ROM v4.31 is vulnerable to credential disclosure via...
LabKey Server Community Edition <18.3.0 - Cross-Site Scripting
LabKey Server Community Edition before 18.3.0-61806.763 contains a reflected cross-site scripting vulnerability via the onerror parameter in the /r2/query endpoints, which allows an unauthenticated remote attacker to inject arbitrary JavaScript. id: CVE-2019-3911 info: name: LabKey Server Communi...
LabKey Server Community Edition <18.3.0 - Open Redirect
LabKey Server Community Edition before 18.3.0-61806.763 contains an open redirect vulnerability via the /r1/ returnURL parameter, which allows an attacker to redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. id:...
Oracle Business Intelligence - Path Traversal
Oracle Business Intelligence versions 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0 are vulnerable to path traversal in the BI Publisher formerly XML Publisher component of Oracle Fusion Middleware subcomponent: BI Publisher Security. id: CVE-2019-2588 info: name: Oracle Business Intelligence - Path...
WordPress Sell Media 2.4.1 - Cross-Site Scripting
WordPress Plugin Sell Media v2.4.1 contains a cross-site scripting vulnerability in /inc/class-search.php that allows remote attackers to inject arbitrary web script or HTML via the keyword parameter aka $searchterm or the Search field. id: CVE-2019-6112 info: name: WordPress Sell Media 2.4.1 -...
WordPress CTHthemes - Cross-Site Scripting
WordPress CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes contain reflected cross-site scripting vulnerabilities via a search query. id: CVE-2019-20210 info: name: WordPress CTHthemes - Cross-Site Scripting author: edoardottt severity: medium description: |...
phpMyChat-Plus 1.98 - Cross-Site Scripting
phpMyChat-Plus 1.98 contains a cross-site scripting vulnerability via pmcusername parameter of passreset.php in password reset URL. id: CVE-2019-19908 info: name: phpMyChat-Plus 1.98 - Cross-Site Scripting author: madrobot severity: medium description: | phpMyChat-Plus 1.98 contains a cross-site...
Cisco RV110W RV130W RV215W Router - Information leakage
A vulnerability in the web-based management interface of Cisco RV110W, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to access the syslog file on an affected device. The vulnerability is due to improper authorization of an HTTP request. An attacker could exploit this...
Ignite Realtime Openfire <4.42 - Local File Inclusion
Ignite Realtime Openfire through 4.4.2 is vulnerable to local file inclusion via PluginServlet.java. It does not ensure that retrieved files are located under the Openfire home directory. id: CVE-2019-18393 info: name: Ignite Realtime Openfire 4.42 - Local File Inclusion author: pikpikcu severity...
Submitty <= 20.04.01 - Open Redirect
Submitty through 20.04.01 contains an open redirect vulnerability via authentication/login?old= during an invalid login attempt. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2020-13121...
WAVLINK WN530H4 M30H4.V5030.190403 - Information Disclosure
WAVLINK WN530H4 M30H4.V5030.190403 contains an information disclosure vulnerability in the /cgi-bin/ExportAllSettings.sh endpoint. This can allow an attacker to leak router settings, including cleartext login details, DNS settings, and other sensitive information without authentication. id:...
TeamPass 2.1.27.36 - Improper Authentication
TeamPass 2.1.27.36 is susceptible to improper authentication. An attacker can retrieve files from the TeamPass web root, which may include backups or LDAP debug files, and therefore possibly obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2020-12478 info...
Babel - Open Redirect
Babel contains an open redirect vulnerability via redirect.php in the newurl parameter. An attacker can use any legitimate site using Babel to redirect user to a malicious site, thus possibly obtaining sensitive information, modifying data, and/or executing unauthorized operations. id:...
node-srv - Local File Inclusion
node-srv is vulnerable to local file inclusion due to lack of url validation, which allows a malicious user to read content of any file with known path. id: CVE-2018-3714 info: name: node-srv - Local File Inclusion author: madrobot severity: medium description: node-srv is vulnerable to local fil...
Oracle Fusion Middleware WebCenter Sites 11.1.1.8.0 - Cross-Site Scripting
The Oracle WebCenter Sites 11.1.1.8.0 component of Oracle Fusion Middleware is impacted by easily exploitable cross-site scripting vulnerabilities that allow high privileged attackers with network access via HTTP to compromise Oracle WebCenter Sites. id: CVE-2018-3238 info: name: Oracle Fusion...
Ruby On Rails - Local File Inclusion
Ruby On Rails is vulnerable to local file inclusion caused by secondary decoding in Sprockets 3.7.1 and lower versions. An attacker can use %252e%252e/ to access the root directory and read or execute any file on the target server. id: CVE-2018-3760 info: name: Ruby On Rails - Local File Inclusio...
Oracle E-Business Suite - Blind SSRF
Oracle E-Business Suite, Application Management Pack component User Monitoring subcomponent, is susceptible to blind server-side request forgery. An attacker with network access via HTTP can gain read access to a subset of data, connect to internal services like HTTP-enabled databases, or perform...
Joomla! Portfolio Nexus - Remote File Inclusion
Joomla! Portfolio Nexus 1.5 contains a remote file inclusion vulnerability in the inertialFATE iF comifnexus component that allows remote attackers to include and execute arbitrary local files via a .. dot dot in the controller parameter to index.php. id: CVE-2009-4679 info: name: Joomla! Portfol...
Joomla! Omilen Photo Gallery 0.5b - Local File Inclusion
Joomla! Omilen Photo Gallery comomphotogallery component Beta 0.5 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the controller parameter to index.php. id: CVE-2009-4202 info: name: Joomla! Omilen Photo Gallery 0.5b - Local File Inclusion...
Joomla! Roland Breedveld Album 1.14 - Local File Inclusion
Joomla! Roland Breedveld Album 1.14 comalbum is susceptible to local file inclusion because it allows remote attackers to access arbitrary directories and have unspecified other impact via a .. dot dot in the target parameter to index.php. id: CVE-2009-3318 info: name: Joomla! Roland Breedveld...
Joomla! Agora 3.0.0b - Local File Inclusion
Joomla! Agora 3.0.0b comagora allows remote attackers to include and execute arbitrary local files via local file inclusion in the action parameter to the avatars page, reachable through index.php. id: CVE-2009-3053 info: name: Joomla! Agora 3.0.0b - Local File Inclusion author: daffainfo severit...
Joomla! Component Advertising 0.25 - Local File Inclusion
A directory traversal vulnerability in the Advertising comadvertising component 0.25 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1473 info: name: Joomla! Component...
Joomla! Component Preventive And Reservation 1.0.5 - Local File Inclusion
A directory traversal vulnerability in the Preventive & Reservation compreventive component 1.0.5 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1475 info: name: Joomla...
Parallels H-Sphere 3.0.0 P9/3.1 P1 - Cross-Site Scripting
Parallels H-Sphere 3.0.0 P9 and 3.1 P1 contains multiple cross-site scripting vulnerabilities in login.php in webshell4. An attacker can inject arbitrary web script or HTML via the err, errorcode, and login parameters, thus allowing theft of cookie-based authentication credentials and launch of...
Autonomy Ultraseek - Open Redirect
Open redirect vulnerability in cs.html in the Autonomy formerly Verity Ultraseek search engine allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the url parameter. id: CVE-2009-0347 info: name: Autonomy Ultraseek - Open Redirect author: ctflearner...
nweb2fax <=0.2.7 - Local File Inclusion
nweb2fax 0.2.7 and earlier allow remote attackers to read arbitrary files via the id parameter submitted to comm.php and the varfilename parameter submitted to viewrq.php. id: CVE-2008-6668 info: name: nweb2fax =0.2.7 - Local File Inclusion author: geeknik severity: medium description: nweb2fax...
Devalcms 1.4a - Cross-Site Scripting
Devalcms 1.4a contains a cross-site scripting vulnerability in the currentpath parameter of the index.php file. id: CVE-2008-6982 info: name: Devalcms 1.4a - Cross-Site Scripting author: arafatansari severity: medium description: | Devalcms 1.4a contains a cross-site scripting vulnerability in th...