Lucene search
Securityvulns, most viewed

47153 matches found

securityvulns
added 2008/12/16 12:0 a.m. (118 views)

About the security content of Security Update 2008-008 / Mac OS X v10.5.6

About the security content of Security Update 2008-008 / Mac OS X v10.5.6 Last Modified: December 15, 2008 Article: HT3338 Summary This document describes the security content of Security Update 2008-008 / Mac OS X v10.5.6, which can be downloaded and installed via Software Update preferences, or...

CVSS 10, AI score 0.2, EPSS 0.18795
Exploits: 4

securityvulns
added 2008/06/05 12:0 a.m. (118 views)

iDefense Security Advisory 06.03.08: Sun Java System Active Server Pages Multiple Command Injection Vulnerabilities

iDefense Security Advisory 06.03.08 http://labs.idefense.com/intelligence/vulnerabilities/ Jun 03, 2008 I. BACKGROUND Sun Java System Active Server Pages is a multi-platform ASP application server. It provides ASP Active Server Pages functionality to a web server. More information is...

CVSS 7.5, AI score 0.8, EPSS 0.03194
Exploits: 0

securityvulns
added 2008/06/05 12:0 a.m. (118 views)

iDefense Security Advisory 06.03.08: Sun Java System Active Server Pages Authorization Bypass Vulnerability

iDefense Security Advisory 06.03.08 http://labs.idefense.com/intelligence/vulnerabilities/ Jun 03, 2008 I. BACKGROUND Sun Java System Active Server Pages is a multi-platform ASP application server. It provides ASP Active Server Pages functionality to a web server. More information is...

CVSS 7.5, EPSS 0.03268
Exploits: 0

securityvulns
added 2008/02/22 12:0 a.m. (118 views)

joomla SQL Injection(com_idvnews)

joomla SQL Injectioncomidvnews AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 MAL : [email protected] DORK 1 : allinurl:"comidvnews"catid DORK 2 : allinurl: EXPLOIT :...

AI score 1
Exploits: 0

securityvulns
added 2007/12/05 12:0 a.m. (118 views)

[ECHO_ADV_86$2007] Mambo/Joomla Component rsgallery <= 2.0 beta 5 (catid) Remote SQL Injection Vulnerability

[ECHO_ADV_86$2007] Mambo/Joomla Component rsgallery <= 2.0 beta 5 (catid) Remote SQL Injection Vulnerability...

AI score 0.1
Exploits: 0

securityvulns
added 2007/07/19 12:0 a.m. (118 views)

Mozilla Foundation Security Advisory 2007-24

Mozilla Foundation Security Advisory 2007-24 Title: Unauthorized access to wyciwyg:// documents Impact: High Announced: July 17, 2007 Reporter: Michal Zalewski Products: Firefox Fixed in: Firefox 2.0.0.5 Description Michal Zalewski reported that it was possible to bypass the same-origin checks an...

CVSS 6.8, AI score 0.3, EPSS 0.01966
Exploits: 1

securityvulns
added 2007/04/16 12:0 a.m. (118 views)

Back-End CMS Database Tables v0.4.7 Remote File Include Vulnerabilities

Xmor$ Security Vulnerability Resear...

AI score 0.4
Exploits: 0

securityvulns
added 2007/01/12 12:0 a.m. (118 views)

LunarPoll (PollDir) Remote File Include Vulnerabilities

AYYILDIZ.ORG PreSents... Script:LunarPoll Script Download: dexxaboy.com/scripts/lunarpoll/download/ Contact: ilker Kandemir ilkerkandemiratmynet.com Code:...

AI score 3.4
Exploits: 0

securityvulns
added 2007/01/12 12:0 a.m. (118 views)

Nwom topsites v3.0

Nwom topsites v3.0 http://www.nwom.net Vulnerable files: Comment input. index.php SQL info released on error: http://www.example.com/index.php?o=' XSS: http://www.example.com/index.php?o=IMG20SRC=javascript:alertString.fromCharCode88,83,83 - Luny...

Exploits: 0

securityvulns
added 2006/10/21 12:0 a.m. (118 views)

Open Meetings Filing Application (PROJECT_ROOT) Remote File Include Vulnerability

Open Meetings Filing Application (PROJECT_ROOT) Remote File Include Vulnerability Author: xoron Tum islam aleminin...

AI score 0.1
Exploits: 0

securityvulns
added 2006/09/18 12:0 a.m. (118 views)

SolpotCrew Advisory #10 - phpBB XS (phpbb_root_path) Remote File Include

SolpotCrew Community phpBB XS phpbbrootpath Remote File Include Download file : http://www.phpbbxs.eu/dload.php?action=category&catid=2 Bug Found By : NoGe a.k.a dajackass contact: [email protected] Website : http://nyubicrew.org/adv/Nogeadv02.txt Greetz: skulmaticthanks for sharing knowledge...

Exploits: 0

securityvulns
added 2006/09/14 12:0 a.m. (118 views)

DCP-Portal SE 6.0 multiple injections

Hello,, DCP-Portal SE 6.0 multiple injections Discovered By : HACKERS PAL Copy rights : HACKERS PAL Website : http://www.soqor.net Email Address : [email protected] sql injections if magicqoutesgpc = off // lostpassword.php you can recive the reset password email on your email for any user you...

AI score 7.4
Exploits: 0

securityvulns
added 2006/07/24 12:0 a.m. (118 views)

Secunia Research: IceWarp Web Mail Two File Inclusion Vulnerabilities

Secunia Research 17/07/2006 - IceWarp Web Mail Two File Inclusion Vulnerabilities - Table of Contents Affected...

CVSS 5, AI score 0.4, EPSS 0.05452
Exploits: 2

securityvulns
added 2006/05/17 12:0 a.m. (118 views)

[SA20136] FreeFTPd SFTP Key Exchange Algorithm String Buffer Overflow

TITLE: FreeFTPd SFTP Key Exchange Algorithm String Buffer Overflow SECUNIA ADVISORY ID: SA20136 VERIFY ADVISORY: http://secunia.com/advisories/20136/ CRITICAL: Highly critical IMPACT: DoS, System access WHERE: From remote SOFTWARE: FreeFTPd 1.x http://secunia.com/product/6138/ DESCRIPTION: A...

AI score 0.7
Exploits: 0

securityvulns
added 2006/03/22 12:0 a.m. (118 views)

[eVuln] PHP SimpleNEWS, PHP SimpleNEWS MySQL - Authentication Bypass Vulnerability

New eVuln Advisory: PHP SimpleNEWS, PHP SimpleNEWS MySQL - Authentication Bypass Vulnerability http://evuln.com/vulns/94/summary.html --------------------Summary---------------- eVuln ID: EV0094 Vendor: Himpfen Consulting Company Vendor's Web Site: http://www.himpfenconsulting.com/ Software: PHP...

AI score 0.8
Exploits: 0

securityvulns
added 2005/04/14 12:0 a.m. (118 views)

Internet Explorer wininet.dll URL parsing memory corruption details

Vendor: Microsoft Software: Internet Explorer 6.0, 5.5, 5.01 Problem: Memory corruption, code execution Remote: Yes Risk Level: Medium to low hard to exploit Authors: Axle ICQ 755756 bug discovery 3APA3A, http://www.security.nnov.ru/ bug research Original URL:...

CVSS 7.5, AI score 0.1, EPSS 0.5791
Exploits: 0

securityvulns
added 2004/04/14 12:0 a.m. (118 views)

US-CERT Technical Cyber Security Alert TA04-104A -- Multiple Vulnerabilities in Microsoft Products

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Multiple Vulnerabilities in Microsoft Products Original release date: April 13, 2004 Last revised: -- Source: US-CERT Systems Affected Microsoft Windows Operating Systems Microsoft Windows Remote Procedure Call RPC and Distributed Component Object Mod...

CVSS 10, AI score 0.5, EPSS 0.8615
Exploits: 17

securityvulns
added 2003/11/13 12:0 a.m. (118 views)

PHP-Coolfile version 1.4 unauthorized access

RusH security team advisory www.rsteam.ru http://rst.void.ru Product: PHP-Coolfile Version: 1.4 Vuln: unauthorized access OffSite: http://dcom.bip.ru/coolfile/ Date: 11/11/2003 Author: 1dt.w0lf // RsT Problem:...

AI score 0.8
Exploits: 0

securityvulns
added 2003/08/06 12:0 a.m. (118 views)

Windows drivers privilege escalation

During access to driver memory range for input/output buffers is not checked...

AI score 5.9
Exploits: 0, References: 3, Affected Software: 2

securityvulns
added 2003/06/24 12:0 a.m. (118 views)

XSS Exploit In phpBB viewtopic.php

XSS Exploit In phpBB viewtopic.php A: BACKGROUND from phpbb.com phpBB is a high powered, fully scalable, and highly customisable open- source bulletin board package. phpBB has a user-friendly interface, simple and straightforward administration panel, and helpful FAQ. Based on the powerful PHP...

AI score 6.6
Exploits: 0

securityvulns
added 2003/06/21 12:0 a.m. (118 views)

SurfControl Web Filter directory traversal

Directory traversal in web interface TCP/8888...

AI score 3.2
Exploits: 0, References: 1, Affected Software: 1

securityvulns
added 2001/03/11 12:0 a.m. (118 views)

ascdc Buffer Overflow Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TITLE: ascdc Buffer Overflow Vulnerability ADVISORY ID: WSIR-01/02-06 DISCOVERED BY: Christer Öberg, Wkit Security AB CONTACT: [email protected], Wkit Security AB CLASS: Buffer Overflow OBJECT: ascdc exec VENDOR: Rob Malda http://www.CmdrTaco.net...

AI score 7
Exploits: 0

securityvulns
added 2000/06/17 12:0 a.m. (118 views)

Remote DoS Attack in Small HTTP Server ver. 1.212 Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Remote DoS Attack in Small HTTP Server ver. 1.212 Vulnerability USSR Advisory Code: USSR-2000047 Release Date: June 16, 2000 Systems Affected: Small HTTP Server ver. 1.212 maybe others THE PROBLEM The Ussr Labs team has recently discovered a buffer...

AI score 7.6
Exploits: 0

securityvulns
added 2014/12/01 12:0 a.m. (117 views)

Ahrareandeysheh CMS Cross-Site Scripting Vulnerability

Ahrareandeysheh CMS All version suffers from a Cross-Site Scripting Vulnerability...

AI score 6.4
Exploits: 0

securityvulns
added 2014/10/14 12:0 a.m. (117 views)

TP-LINK WDR4300 - Stored XSS & DoS

Advisory Information Vendors Contacted: TP-LINK Vendor Patched: Yes, Firmware 140916 System Affected: N750 Wireless Dual Band Gigabit Router TL-WDR4300, might affect others. Versions Affected: 130617 , possibly earlier CVE Numbers Assigned: CVE-2014-4727, CVE-2014-4728...

CVSS 5, AI score 0.8, EPSS 0.02018
Exploits: 4

securityvulns
added 2014/05/30 12:0 a.m. (117 views)

OpenSSL security vulnerabilities

Information leakage, key recovery. This vulnerability is actively used in-the-wild...

CVSS 5, AI score 2.3, EPSS 0.99999
Exploits: 88, References: 44, Affected Software: 41

securityvulns
added 2014/05/29 12:0 a.m. (117 views)

APPLE-SA-2014-05-21-1 Safari 6.1.4 and Safari 7.0.4

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-05-21-1 Safari 6.1.4 and Safari 7.0.4 Safari 6.1.4 and Safari 7.0.4 are now available and address the following: WebKit Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.3 Impact...

CVSS 7.5, AI score 0.1, EPSS 0.03225
Exploits: 0

securityvulns
added 2014/05/05 12:0 a.m. (117 views)

CVE-2014-5880 - Authentication Bypass in Oracle Demantra

Vulnerability title: Authentication Bypass in Oracle Demantra CVE: CVE-2014-5880 Vendor: Oracle Product: Demantra Affected version: 12.2.1 Fixed version: 12.2.3 Reported by: Oliver Gruskovnjak Details: The authentication filter in Oracle Demantra is broken by design. For example the page:...

AI score 0.2
Exploits: 5

securityvulns
added 2014/05/05 12:0 a.m. (117 views)

ESA-2012-032: RSA BSAFE® Micro Edition Suite Security Update for BEAST (Browser Exploit Against SSL/TLS) attacks

ESA-2012-032.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-032: RSA BSAFE® Micro Edition Suite Security Update for BEAST Browser Exploit Against SSL/TLS attacks EMC Identifier: ESA-2012-032 CVE Identifier: CVE-2011-3389 Severity Rating: CVSS v2 Base Score: 4.3...

CVSS 4.3, AI score 0.1, EPSS 0.73327
Exploits: 4

securityvulns
added 2013/09/11 12:0 a.m. (117 views)

[CORE-2013-0809] Sophos Web Protection Appliance Multiple Vulnerabilities

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Sophos Web Protection Appliance Multiple Vulnerabilities 1. Advisory Information Title: Sophos Web Protection Appliance Multiple Vulnerabilities Advisory ID: CORE-2013-0809 Advisory URL:...

CVSS 10, AI score 0.8, EPSS 0.90133
Exploits: 17

securityvulns
added 2013/08/12 12:0 a.m. (117 views)

SEC Consult SA-20130805-0 :: Vodafone EasyBox Default WPS PIN Algorithm Weakness

SEC Consult Vulnerability Lab Security Advisory 20130805-0 title: Vodafone EasyBox Default WPS PIN Algorithm Weakness product: EasyBox 802 & EasyBox 803 vulnerable version: EasyBox 802 - all versions EasyBox 803 - Production...

Exploits: 0

securityvulns
added 2013/07/15 12:0 a.m. (117 views)

[Full-disclosure] Magnolia CMS multiple access control vulnerabilities

Subject: Multiple access control vulnerabilities in Magnolia CMS, Community and Enterprise editions CVE ID: CVE-2013-4621 Summary: A non-admin user such as default users eric / peter can access and execute multiple administrative functionalities of the CMS by accessing...

AI score 1.9, EPSS 0.01762
Exploits: 1

securityvulns
added 2013/03/11 12:0 a.m. (117 views)

Stored XSS in Terillion Reviews Wordpress Plugin

CVE Assigned-CVE-2013-2501 Exploit Title : Stored XSS in Terillion Reviews Plugin Author: Aditya Balapure home: http://adityabalapure.blogspot.in/ Date: 08/03/13 Software link: http://wordpress.org/extend/plugins/terillion-reviews/ The Terillion Reviews Plugin in Wordpress...

CVSS 4.3, AI score 0.3, EPSS 0.05268
Exploits: 2

securityvulns
added 2012/12/07 12:0 a.m. (117 views)

CVE-2012-4534 Apache Tomcat denial of service

CVE-2012-4534 Apache Tomcat denial of service Severity: Important Vendor: The Apache Software Foundation Versions Affected: - Tomcat 7.0.0 to 7.0.27 - Tomcat 6.0.0 to 6.0.35 Description: When using the NIO connector with sendfile and HTTPS enabled, if a client breaks the connection while reading...

CVSS 2.6, AI score 0.2, EPSS 0.07452
Exploits: 1

securityvulns
added 2012/09/19 12:0 a.m. (117 views)

[SE-2012-01] Security vulnerabilities in IBM Java

Hello All, Security Explorations discovered multiple security vulnerabilities in IBM SDK, Java Technology Edition software 1. This is IBM 2 implementation of Java SE technology for AIX, Linux, z/OS and IBMi platforms. Among a total of 17 security weaknesses found, there are issues that can lead t...

AI score 0.4
Exploits: 0

securityvulns
added 2012/07/09 12:0 a.m. (117 views)

7sepehr SQL Injection Vulnerability

Exploit Title : 7sepehr SQL Injection Vulnerability Author : Iranian Security & Research Team Discovered By : Ehram.shahmohamadi Home : sec-lab.ir Contact : research at sec-lab dot ir Portal Link : www.7sepehr.Com Security Risk : High DorK : "Powered by 7sepehr.com"...

AI score 1.4
Exploits: 0

securityvulns
added 2012/04/09 12:0 a.m. (117 views)

[security bulletin] HPSBMU02759 SSRT100817 rev.1 - HP Onboard Administrator (OA), Remote Unauthorized Access, Unauthorized Information Disclosure, Denial of Service (DoS), URL Redirection

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03263573 Version: 1 HPSBMU02759 SSRT100817 rev.1 - HP Onboard Administrator OA, Remote Unauthorized Access, Unauthorized Information Disclosure, Denial of Service DoS, URL Redirection NOTICE: The...

CVSS 7.6, AI score 0.5, EPSS 0.87264
Exploits: 14

securityvulns
added 2012/04/02 12:0 a.m. (117 views)

Quake 3 / ioquake3 traffic amplification vulnerability

Source of getstatus UDP message is not checked...

CVSS 7.8, AI score 2.3, EPSS 0.0211
Exploits: 0, References: 1, Affected Software: 4

securityvulns
added 2012/03/09 12:0 a.m. (117 views)

APPLE-SA-2012-03-07-2 iOS 5.1 Software Update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2012-03-07-2 iOS 5.1 Software Update iOS 5.1 Software Update is now available and addresses the following: CFNetwork Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch 3rd generation and later, iPad, iPad 2 Impact: Visiting a...

CVSS 9.3, AI score 0.1, EPSS 0.04932
Exploits: 1

securityvulns
added 2011/10/16 12:0 a.m. (117 views)

iDefense Security Advisory 10.12.11: Apple MobileSafari Attachment Viewing Cross Site Scripting Vulnerability

iDefense Security Advisory 10.12.11 http://labs.idefense.com/intelligence/vulnerabilities/ Oct 12, 2011 I. BACKGROUND MobileSafari is Apple's mobile web browser for iOS devices. For more information about MobileSafari, please visit the following website:...

CVSS 4.3, AI score 4.8, EPSS 0.01821
Exploits: 1

securityvulns
added 2011/04/05 12:0 a.m. (117 views)

ZDI-11-115: IBM solidDB solid.exe Authentication Bypass Remote Code Execution Vulnerability

ZDI-11-115: IBM solidDB solid.exe Authentication Bypass Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-115 April 1, 2011 -- CVSS: 9.3, AV:N/AC:M/Au:N/C:C/I:C/A:C -- Affected Vendors: IBM -- Affected Products: IBM solidDB -- TippingPointTM IPS Customer...

AI score 0.6
Exploits: 0

securityvulns
added 2010/04/26 12:0 a.m. (117 views)

[security bulletin] HPSBMA02492 SSRT100079 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS), Denial of Service (DoS), Execution of Arbitrary Code, Unauthorized Access

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02029444 Version: 1 HPSBMA02492 SSRT100079 rev.1 - HP System Management Homepage SMH for Linux and Windows, Remote Cross Site Scripting XSS, Denial of Service DoS, Execution of Arbitrary Code,...

CVSS 10, AI score 0.8, EPSS 0.80134
Exploits: 23

securityvulns
added 2009/06/25 12:0 a.m. (117 views)

(POST var 'resetpwemail') BLIND SQL INJECTION EXPLOIT --AlumniServer v-1.0.1-->

#!/usr/bin/python POST var 'resetpwemail' BLIND SQL INJECTION EXPLOIT --AlumniServer v-1.0.1-- CMS INFORMATION: --WEB:...

AI score 8.5
Exploits: 0

securityvulns
added 2009/04/03 12:0 a.m. (117 views)

OSCommerce Session Fixation Vulnerability

There is a flaw in the way OSCommerce handles sessions. When a client visits an OSCommerce web page, the server sends a cookie. That cookie will be the session cookie for every further request. Thus, once logged in, the cookie will be used to authenticate the user. When logging in without cookies...

AI score 1.1
Exploits: 0

securityvulns
added 2008/10/23 12:0 a.m. (117 views)

Cisco Security Advisory: Multiple Vulnerabilities in Cisco PIX and Cisco ASA

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Multiple Vulnerabilities in Cisco PIX and Cisco ASA Advisory ID: cisco-sa-20081022-asa http://www.cisco.com/warp/public/707/cisco-sa-20081022-asa.shtml Revision 1.0 For Public Release 2008 October 22 1600 UTC GMT Summary =====...

CVSS 7.8, AI score 0.9, EPSS 0.02945
Exploits: 3

securityvulns
added 2008/06/23 12:0 a.m. (117 views)

[Full-disclosure] PHP 5.2.6 chdir(), ftok() (standard ext) safe_mode bypass

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PHP 5.2.6 chdir,ftok standard ext safemode bypass Author: Maksymilian Arciemowicz cXIb8O3 securityreason.com Date: - - Written: 10.05.2008 - - Public: 17.06.2008 SecurityReason Research SecurityAlert Id: 55 CVE: CVE-2008-2666 CWE: CWE-264 SecurityRisk...

CVSS 5, AI score 8.4, EPSS 0.13923
Exploits: 2

securityvulns
added 2008/04/03 12:0 a.m. (117 views)

Directory traversal in LANDesk Management Suite 8.80.1.1

Luigi Auriemma Application: LANDesk Management Suite http://www.landesk.com/products/ldms/index.aspx Versions: = 8.80.1.1 Platforms: Windows Bug: directory traversal Exploitation: remote Date: 01 Apr 2008 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1 Introduction 2 Bug 3 T...

AI score 1.4
Exploits: 0

securityvulns
added 2008/03/26 12:0 a.m. (117 views)

Mozilla Foundation Security Advisory 2008-18

Mozilla Foundation Security Advisory 2008-18 Title: Java socket connection to any local port via LiveConnect Impact: High Announced: March 25, 2008 Reporter: Gregory Fleischer Products: Firefox, SeaMonkey Fixed in: Firefox 2.0.0.13 SeaMonkey 1.1.9 Description Security researcher Gregory Fleischer...

CVSS 9.3, AI score 2.2, EPSS 0.05684
Exploits: 1

securityvulns
added 2008/02/26 12:0 a.m. (117 views)

Alkacon OpenCms tree_files.jsp resource XSS

Alkacon OpenCms treefiles.jsp resource XSS Product: Alkacon OpenCms http://www.opencms.org/ OpenCms contains a cross-site scripting vulnerability in the file tree navigation function. An invalid value supplied to parameter resource in page opencms/system/workplace/views/explorer/treefiles.jsp is...

AI score 0.2
Exploits: 0

securityvulns
added 2007/07/19 12:0 a.m. (117 views)

Mozilla Foundation Security Advisory 2007-25

Mozilla Foundation Security Advisory 2007-25 Title: XPCNativeWrapper pollution Impact: Moderate Announced: July 17, 2007 Reporter: shutdown and mozbugra4 Products: Firefox Fixed in: Firefox 2.0.0.5 Description shutdown and mozbugra4 reported two separate ways to modify an XPCNativeWrapper such th...

CVSS 9.3, AI score 9.3, EPSS 0.03799
Exploits: 1

Total number of security vulnerabilities: 5000