Lucene search
K
SecurityvulnsMost viewed

47153 matches found

securityvulns
securityvulns
added 2010/08/14 12:0 a.m.112 views

SQL injection vulnerability in SyntaxCMS

Vulnerability ID: HTB22540 Reference: http://www.htbridge.ch/advisory/sqlinjectionvulnerabilityinsyntaxcms.html Product: SyntaxCMS Vendor: Forum One Communications http://www.syntaxcms.org/ Vulnerable Version: 1.3 and Probably Prior Versions Vendor Notification: 27 July 2010 Vulnerability Type: S...

0.8AI score
Exploits0
securityvulns
securityvulns
added 2010/06/08 12:0 a.m.112 views

ZDI-10-096: Apple Webkit Recursive Use Element Remote Code Execution Vulnerability

ZDI-10-096: Apple Webkit Recursive Use Element Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-096 June 8, 2010 -- CVE ID: CVE-2010-1404 -- Affected Vendors: Apple -- Affected Products: Apple WebKit -- TippingPointTM IPS Customer Protection: TippingPoint IPS...

9.3CVSS0.2AI score0.08732EPSS
Exploits0
securityvulns
securityvulns
added 2010/05/28 12:0 a.m.112 views

FreeBSD Security Advisory FreeBSD-SA-10:05.opie

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-10:05.opie Security Advisory The FreeBSD Project Topic: OPIE off-by-one stack overflow Category: contrib Module: contribopie Announced: 2010-05-27 Credits:...

9.3CVSS9.4AI score0.21992EPSS
Exploits5
securityvulns
securityvulns
added 2010/02/10 12:0 a.m.112 views

SSL data injection

Data injection possibility connected with SSL in-session renegotiation...

5.8CVSS2.8AI score0.87264EPSS
Exploits14References8Affected Software6
securityvulns
securityvulns
added 2009/12/09 12:0 a.m.112 views

ZDI-09-095: Hewlett-Packard OpenView NNM Snmp.exe Oid Variable Buffer Overflow Vulnerability

ZDI-09-095: Hewlett-Packard OpenView NNM Snmp.exe Oid Variable Buffer Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-095 December 9, 2009 -- CVE ID: CVE-2009-3849 -- Affected Vendors: Hewlett-Packard -- Affected Products: Hewlett-Packard OpenView Network Node Manager --...

10CVSS1AI score0.73694EPSS
Exploits5
securityvulns
securityvulns
added 2009/08/26 12:0 a.m.112 views

Oracle 11g (11.1.0.6) Password Policy and Compliance

Many security standards require the tracking of users' password history to prevent password re-use. In Oracle 11g 11.1.0.6, if a security administrator has enabled 11g passwords exclusively then tracking password history is broken. This can affect compliance. This was addressed by Oracle in their...

2.1CVSS0.01214EPSS
Exploits1
securityvulns
securityvulns
added 2009/04/14 12:0 a.m.112 views

[DSECRG-09-037] abk-soft AbleSpace CMS 1.0 - Multiple security vulnerabilities

original advisory: http://dsecrg.com/pages/vul/show.php?id=137 Digital Security Research Group DSecRG Advisory DSECRG-09-037 Application: AbleSpace Versions Affected: 1.0 Vendor URL: http://abk-soft.com/ Bugs: Multiple Blind SQL Injections, Multiple XSS Exploits: YES Reported: 18.03.2009 Vendor...

Exploits0
securityvulns
securityvulns
added 2009/02/10 12:0 a.m.112 views

LFI in Drupal CMS

Author : Rasool Nasr ------------------------------------------- Discovered by : Rasool Nasr ------------------------------------------- Exploited By : Rasool Nasr ------------------------------------------- E-Mail : [email protected] ------------------------------------------- WebSite :...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2009/01/28 12:0 a.m.112 views

CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1)

Title: CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities CA Advisory Reference: CA20090123-01 CA Advisory Date: 2009-01-23 Reported By: n/a Impact: Refer to the CVE identifiers for details. Summary: Multiple security risks exist in Apache Tomcat as included with CA Cohesion Application...

5CVSS6.4AI score0.90768EPSS
Exploits22
securityvulns
securityvulns
added 2009/01/14 12:0 a.m.112 views

[security bulletin] HPSBMA02392 SSRT071481 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01607558 Version: 1 HPSBMA02392 SSRT071481 rev.1 - HP OpenView Network Node Manager OV NNM, Remote Denial of Service DoS NOTICE: The information in this Security Bulletin should be acted upon as...

4.3CVSS0.3AI score0.03081EPSS
Exploits1
securityvulns
securityvulns
added 2009/01/11 12:0 a.m.112 views

FreeBSD Security Advisory FreeBSD-SA-08:12.ftpd

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-08:12.ftpd Security Advisory The FreeBSD Project Topic: Cross-site request forgery in ftpd8 Category: core Module: ftpd Announced: 2008-12-23 Credits: Maksymilian...

7.5CVSS6.2AI score0.04045EPSS
Exploits1
securityvulns
securityvulns
added 2008/09/24 12:0 a.m.112 views

drupal: Session hijacking vulnerability, CVE-2008-3661

drupal: Session hijacking vulnerability, CVE-2008-3661 References https://vulners.com/cve/CVE-2008-3661 http://int21.de/cve/CVE-2008-3661-drupal.html http://enablesecurity.com/2008/08/11/surf-jack-https-will-not-save-you/ https://www.defcon.org/html/defcon-16/dc-16-speakers.htmlPerry Description...

5CVSS5.8AI score0.02502EPSS
Exploits0
securityvulns
securityvulns
added 2008/08/26 12:0 a.m.112 views

Mini-NUKE v2.3 Freehost (tr) Multiple Remote SQL Injection Vulnerabilities

Exploits admin user name : http://localhost/mininuke/members.asp?action=memberdetails&uid=1+union+select+0,kuladi,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27+from+members+where+seviye=1 admin password :...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2008/03/13 12:0 a.m.112 views

Vulnerabilities in Timbuktu Pro 8.6.5

Luigi Auriemma Application: Timbuktu Pro Remote Control Software http://www.netopia.com/software/products/tb2/ Versions: = 8.6.5 RC 229 Platforms: Windows Mac OS X has not been tested Bugs: A Denial of Service B limited upload directory traversal Exploitation: remote Date: 10 Mar 2008 Author: Lui...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2007/07/15 12:0 a.m.112 views

MSIE7 entrapment again (+ FF tidbit)

Hello again, Microsoft Internet Explorer seems to have a soft spot for browser entrapment vulnerabilities. Just to recap, in these attacks, the user is made believe he had left a webpage and the URL bar or SSL state data reinforce him in this belief - but in reality, is prevented from doing so, a...

6.8AI score
Exploits0
securityvulns
securityvulns
added 2007/07/04 12:0 a.m.112 views

[Full-disclosure] Fujitsu-Siemens PRIMERGY BX300 Switch Blade Information Disclosure

Advisory: Fujitsu-Siemens PRIMERGY BX300 Switch Blade Information Disclosure RedTeam Pentesting discovered an information disclosure in the Fujitsu- Siemens BX300 Switch Blade during a penetration test. By accessing URLs of the web interface directly and aborting the authentication dialog, one is...

5CVSS6.3AI score0.01757EPSS
Exploits3
securityvulns
securityvulns
added 2007/05/08 12:0 a.m.112 views

Microsoft Security Bulletin MS07-028 Vulnerability in CAPICOM Could Allow Remote Code Execution (931906)

Microsoft Security Bulletin MS07-028 Vulnerability in CAPICOM Could Allow Remote Code Execution 931906 Published: May 8, 2007 Version: 1.0 Summary Who Should Read this Document: Customers who use CAPICOM or BizTalk 2004 Impact of Vulnerability: Remote Code Execution Maximum Severity Rating:...

9.3CVSS6.6AI score0.75678EPSS
Exploits0
securityvulns
securityvulns
added 2007/04/16 12:0 a.m.112 views

bloofoxCMS 0.2.2 Cross Site Scripting

""""""""""""""""""""""""""""""""""""""""""""""" """ :: :: ::::: :::: """ """ :: :: :: : :: """ """ :::: :: :: ::::: ::::: :::: """ """ :: :: ::: ::: :: :: :: :: :: """ """ :: :: :: : : ::::: :: :: :::: """ """ """ """"""""""""""""""""""""""""""""""""""""""""""" Xmor$ Security Vulnerability Resear...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2007/04/16 12:0 a.m.112 views

Sitebar 3.3.5 (index.php writerFile)Remote File Include Vulnerabilities

Sitebar = 3.3.5 Remote File Include Vulnerabilities D.Script: http://scripts.ringsworld.com/bookmark-management/sitebar-3.3.5.zip -::AUTHOR: VerY-SecReT Homepage: http://www.sniper-sa.com Exploit: :- target/sitebar/index.php?writerFile=Shell target/sitebar/Integrator.php?file=Shell $Includer:...

1.2AI score
Exploits0
securityvulns
securityvulns
added 2007/04/16 12:0 a.m.112 views

MobilePublisherphp v1.1.2 Remote File Include Vulnerabilities

""""""""""""""""""""""""""""""""""""""""""""""" """ :: :: ::::: :::: """ """ :: :: :: : :: """ """ :::: :: :: ::::: ::::: :::: """ """ :: :: ::: ::: :: :: :: :: :: """ """ :: :: :: : : ::::: :: :: :::: """ """ """ """"""""""""""""""""""""""""""""""""""""""""""" Xmor$ Security Vulnerability Resear...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2007/02/26 12:0 a.m.112 views

sitex multiple vulnerabilities

global risk:critical upload vulnerability: in user profile upload an avatar with a double extension like : file.php.jpg once it's done,you gone get an error like:Fatal error: Call to undefined function imagedestroy in /. but the last extension jpg will be removed by the script, and stored in :...

0.8AI score
Exploits0
securityvulns
securityvulns
added 2007/02/23 12:0 a.m.112 views

FlashGameScript v1.5.4 Remote File Inclusion Vulnerability

-------------------------------------------------------- Author : JuMp-Er Date : feb, 21th 2007 Level : Dangerous contact: : aH-crewathotmaildotcom -------------------------------------------------------- Software description -------------------------------------------------------- App...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2006/12/23 12:0 a.m.112 views

Multiple Oracle application server vulnerabilities

SQL injections, DoS, data modification, crossite scripting, privilege escalation, audit setings modification. Password is passed from JDeveloper to SQLPlus in cleartext. JDeveloper password is stored in cleartext in different XML configuration files. Cleartext FormBuilder password is stored in...

7.5CVSS0.6AI score0.41051EPSS
Exploits4References81Affected Software3
securityvulns
securityvulns
added 2006/10/02 12:0 a.m.112 views

VAMP Webmail <= 2.0beta1 (yesno.phtml) Remote Include Vulnerability

ToXiC VAMP Webmail Remote File Inclusion by ToXiC CreW BuG FounD by Drago84 Application Affect:VAMP Webmail Page: yesno.phtml Dir : /setup/ Problem: ?if$answer=="Yes" include $yesurl; else include $nourl; ? ExPloit :...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2006/09/28 12:0 a.m.112 views

OpenSSH 4.4 is available

OpenSSH 4.4 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100 complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. Once again, we would like to thank the OpenSSH community...

8.3AI score
Exploits0
securityvulns
securityvulns
added 2006/03/09 12:0 a.m.112 views

Easy File Sharing Web Server Multiple Vulnerablilities

Easy File Sharing Web Server Multiple Vulnerablilities Software: Easy File Sharing Web Server Version: 3.2 Website: http://www.sharing-file.com/ Description: Easy File Sharing Web Server is a Windows program that allows you to host a secure peer-to-peer and web-based file sharing system without a...

Exploits0
securityvulns
securityvulns
added 2006/03/07 12:0 a.m.112 views

Multiple vulnerabilities in Liero Xtreme 0.62b

Luigi Auriemma Application: Liero Xtreme http://lieroxtreme.thegaminguniverse.com Versions: = 0.62b Platforms: Windows Bugs: A server crash/freeze B format string in the visualization function Exploitation: A remote, versus server B local/remote, versus clients Date: 06 Mar 2006 Author: Luigi...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2005/11/21 12:0 a.m.112 views

[SA17652] e-Quick Cart SQL Injection Vulnerabilities

TITLE: e-Quick Cart SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA17652 VERIFY ADVISORY: http://secunia.com/advisories/17652/ CRITICAL: Moderately critical IMPACT: Manipulation of data WHERE: From remote SOFTWARE: e-Quick Cart http://secunia.com/product/6165/ DESCRIPTION: BiPiHaCk has...

0.7AI score
Exploits0
securityvulns
securityvulns
added 2004/09/15 12:0 a.m.112 views

Microsoft Security Bulletin MS04-028 Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution (833987)

Microsoft Security Bulletin MS04-028 Buffer Overrun in JPEG Processing GDI+ Could Allow Code Execution 833987 Issued: September 14, 2004 Version: 1.0 Summary Who should read this document: Customers who use any of the affected operating systems, affected software programs, or affected components...

9.3CVSS1.9AI score0.49024EPSS
Exploits0
securityvulns
securityvulns
added 2002/10/03 12:0 a.m.112 views

Security Bulletin MS02-056: Cumulative Patch for SQL Server (Q316333)

---------------------------------------------------------------------- Title: Cumulative Patch for SQL Server Q316333 Date: 02 October 2002 Software: Microsoft SQL Server 7.0 Microsoft Data Engine MSDE 1.0 Microsoft SQL Server 2000 Microsoft Desktop Engine MSDE 2000 Impact: Four vulnerabilities,...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2001/11/03 12:0 a.m.112 views

Progres Databse PROMSGS Format strings issue.

Well once again I have found yet another Progress database issue. The PROMSGS has been looked at one time already for buffer overflows. It was supposed to be fixed. I was poking around at it today and noticed these format strings issues... PROGRESS Version 9.1C as of Thu Jun 7 10:03:59 EDT 2001...

0.8AI score
Exploits0
securityvulns
securityvulns
added 2015/07/20 12:0 a.m.111 views

freexl library DoS

DoS on Excel document parsing...

3AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2014/09/21 12:0 a.m.111 views

APPLE-SA-2014-09-17-4 Safari 6.2 and Safari 7.1

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-09-17-4 Safari 6.2 and Safari 7.1 Safari 6.2 and Safari 7.1 are now available and address the following: Safari Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5 Impact: An attacker with a privileged network position may...

7.5CVSS0.2AI score0.02868EPSS
Exploits1
securityvulns
securityvulns
added 2014/08/26 12:0 a.m.111 views

ArcGIS for Server Vulnerability Disclosure

Product: ArcGIS for Server Vendor: ESRI Vulnerable Version: 10.1.1 Tested Version: 10.1.1 Vendor Notification: June 19, 2014 Public Disclosure: August 15, 2014 Vulnerability Type: Cross-Site Scripting CWE-79 CVE Reference: CVE-2014-5121 Risk Level: Medium CVSSv2 Base Score: 4.3...

5.8CVSS2.3AI score0.02424EPSS
Exploits0
securityvulns
securityvulns
added 2014/08/26 12:0 a.m.111 views

Pro Chat Rooms v8.2.0 - Multiple Vulnerabilities

Exploit Title: Pro Chat Rooms v8.2.0 - Multiple Vulnerabilities Google Dork: intitle:"Powered by Pro Chat Rooms" Date: 5 August 2014 Exploit Author: Mike Manzotti @ Dionach Ltd Vendor Homepage: http://prochatrooms.com Software Link: http://prochatrooms.com/software.php Version: v8.2.0 Tested on:...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2014/05/15 12:0 a.m.111 views

[oss-security] CVE request: various NodeJS module vulnerabilities

Hi all, This is a request for CVEs for the following vulnerabilities discovered by the Node Security Project. I left out their advisories where I could find an assigned CVE; CVE-2013-7370 CVE-2013-7371 CVE-2013-6393 CVE-2013-4660 https://nodesecurity.io/advisories printer potential command...

6.8CVSS0.8AI score0.17186EPSS
Exploits7
securityvulns
securityvulns
added 2014/02/28 12:0 a.m.111 views

APPLE-SA-2014-02-25-2 Safari 6.1.2 and Safari 7.0.2

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-02-25-2 Safari 6.1.2 and Safari 7.0.2 Safari 6.1.2 and Safari 7.0.2 is now available and addresses the following: WebKit Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.1 Impac...

6.8CVSS0.5AI score0.02181EPSS
Exploits3
securityvulns
securityvulns
added 2013/10/03 12:0 a.m.111 views

Microsoft SharePoint 2013 (Cloud) - Persistent Exception Handling Web Vulnerability

Title: ====== Microsoft SharePoint 2013 Cloud - Persistent Exception Handling Web Vulnerability Date: ===== 2013-09-11 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=812 Security Bulletin: MS13-067 http://technet.microsoft.com/de-de/security/bulletin/MS13-067 Microsoft...

7.3AI score
Exploits0
securityvulns
securityvulns
added 2013/07/08 12:0 a.m.111 views

[waraxe-2013-SA#105] - Multiple Vulnerabilities in Spider Catalog Wordpress Plugin

waraxe-2013-SA105 - Multiple Vulnerabilities in Spider Catalog Wordpress Plugin =================================================================================== Author: Janek Vind "waraxe" Date: 22. May 2013 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-105.html Description of...

7.2AI score
Exploits0
securityvulns
securityvulns
added 2012/10/29 12:0 a.m.111 views

ESA-2012-032: RSA BSAFE(r) Micro Edition Suite Security Update for BEAST (Browser Exploit Against SSL/TLS) attacks

ESA-2012-032.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-032: RSA BSAFE® Micro Edition Suite Security Update for BEAST Browser Exploit Against SSL/TLS attacks EMC Identifier: ESA-2012-032 CVE Identifier: CVE-2011-3389 Severity Rating: CVSS v2 Base Score: 4.3...

4.3CVSS0.1AI score0.73327EPSS
Exploits4
securityvulns
securityvulns
added 2012/09/03 12:0 a.m.111 views

CodeIgniter <= 2.1.1 xss_clean() Cross Site Scripting filter bypass

Affected products ============== CodeIgniter = 2.1.1 PHP framework and all CodeIgniter-based PHP applications using its built-in XSS filtering mechanism. CVE ==== CVE-2012-1915 Introduction ========== CodeIgniter http://codeigniter.com is a powerful PHP framework with a very small footprint, buil...

0.2AI score0.01863EPSS
Exploits2
securityvulns
securityvulns
added 2012/06/18 12:0 a.m.111 views

Boonex Dolphin v7.0.9 CMS & Mobile App - Multiple Web Vulnerabilities

Title: ====== Boonex Dolphin v7.0.9 CMS - Multiple Web Vulnerabilities Date: ===== 2012-05-18 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=565 http://www.vulnerability-lab.com/getcontent.php?id=566 ID: Changeset 16256 VL-ID: ===== 565 Common Vulnerability Scoring...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2011/12/26 12:0 a.m.111 views

PHP Booking Calendar 10e XSS

Exploit Title: PHP Booking Calendar 10e XSS Date: 12/16/11 Author: G13 Software Link: http://sourceforge.net/projects/bookingcalendar/ Version: 10e Category: webapps php Vulnerability The pageinfomessage varibale in the detailsview.php does not sanitize input. This is a relective XSS attack...

1.1AI score
Exploits0
securityvulns
securityvulns
added 2011/12/04 12:0 a.m.111 views

Sql injection in SugarCRM

Vulnerability ID: HTB23051 Reference: https://www.htbridge.ch/advisory/sqlinjectioninsugarcrm.html Product: SugarCRM Vendor: SugarCRM Inc. http://www.sugarcrm.com Vulnerable Version: Community Edition 6.3.0RC1 and probably prior Tested Version: Community Edition 6.3.0RC1 Vendor Notification: 05...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2011/11/11 12:0 a.m.111 views

[SECURITY] [DSA 2343-1] openssl security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2343-1 [email protected] http://www.debian.org/security/ Raphael Geissert November 09, 2011 http://www.debian.org/security/faq -...

2AI score
Exploits0
securityvulns
securityvulns
added 2011/08/27 12:0 a.m.111 views

Jcow CMS 4.x:4.2 <= , 5.x:5.2 <= | Arbitrary Code Execution

Jcow CMS 4.x:4.2 = , 5.x:5.2 = | Arbitrary Code Execution 1. OVERVIEW Jcow CMS versions 4.x: 4.2 and lower, 5.x: 5.2 and lower are vulnerable to Arbitrary Code Execution. 2. BACKGROUND Jcow is a flexible Social Networking software written in PHP. It can help you to build a social network for your...

2.5AI score
Exploits0
securityvulns
securityvulns
added 2011/08/17 12:0 a.m.111 views

ESA-2011-027: RSA, The Security Division of EMC, releases Security Patch for Adaptive Authentication (On-Premise)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2011-027: RSA, The Security Division of EMC, releases Security Patch for Adaptive Authentication On-Premise Advisories Updated August 11, 2011 Summary: An issue with Adaptive Authentication On-Premise was discovered which in certain circumstances...

7.5CVSS0.01289EPSS
Exploits0
securityvulns
securityvulns
added 2011/07/26 12:0 a.m.111 views

[PT-2011-08] Multiple vulnerabilities in Dlink DPH 150SE/E/F1

---------------------------------------------------------------------- PT-2011-08 Positive Technologies Security Advisory Multiple vulnerabilities in Dlink DPH 150SE/E/F1 ---------------------------------------------------------------------- --- Vulnerable platform Dlink DPH 150s IP Phone Firmwar...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2011/04/27 12:0 a.m.111 views

XSS in Webmin 1.540 + exploit for privilege escalation

Information -------------------- Name : XSS vulnerability in Webmin Software : All versions prior to and including 1.540 are affected. Vendor Hompeage : http://www.webmin.com Vulnerability Type : Cross-Site Scripting Severity : Medium Researcher : Javier Bassi javierbassi at gmail dot com...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2011/04/05 12:0 a.m.111 views

Stored and Reflective XSS in Yaws-Wiki 1.88-1 (Erlang)

Software: yaws-wiki version affected: 1.88-1 platform: Erlang homepage:http://yaws.hyber.org/ Researcher: Michael Brooks Original Advisory:https://sitewat.ch/en/Advisory/4 Install instructions for Ubuntu: sudo apt-get install yaws-wiki Edit:/etc/yaws/conf.d/yaws-wiki.conf add this: server wiki po...

7.1AI score
Exploits0
Total number of security vulnerabilities5000