Lucene search
K
SecurityvulnsMost viewed

47153 matches found

securityvulns
securityvulns
added 2015/02/22 12:0 a.m.105 views

UNIT4 Prosoft HRMS XSS Vulnerability

Vulnerability type: Cross-site Scripting Vendor: http://www.unit4.com/ Product: UNIT4 Prosoft HRMS Product site: http://www.unit4apac.com/products/prosofthrms Affected version: 8.14.230.47 Fixed version: 8.14.330.43 Credit: Jerold Hoong & Edric Teo PROOF OF CONCEPT The login page of UNIT4's Proso...

Exploits0
securityvulns
securityvulns
added 2015/02/02 12:0 a.m.105 views

APPLE-SA-2015-01-27-3 Safari 8.0.3, Safari 7.1.3, and Safari 6.2.3

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2015-01-27-3 Safari 8.0.3, Safari 7.1.3, and Safari 6.2.3 Safari 8.0.3, Safari 7.1.3, and Safari 6.2.3 are now available and address the following: WebKit Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10...

7.5CVSS0.6AI score0.02762EPSS
Exploits0
securityvulns
securityvulns
added 2014/12/01 12:0 a.m.105 views

CVE-2014-8731 - RCE in phpMemcachedAdmin <=1.2.2

CVE-2014-8731 CVSSv2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:F/RL:U/RC:C CVSSv2 Base Score=10.0 CVSSv2 Temp Score=9.5 OWASP Top 10 classification: A1 - Injection PHPMemcachedAdmin is a web-based frontend for Linux's memcached Daemon. Project Homepage: https://code.google.com/p/phpmemcacheadmin/...

10CVSS1.7AI score0.11763EPSS
Exploits1
securityvulns
securityvulns
added 2014/11/24 12:0 a.m.105 views

APPLE-SA-2014-11-17-1 iOS 8.1.1

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-11-17-1 iOS 8.1.1 iOS 8.1.1 is now available and addresses the following: CFNetwork Available for: iPhone 4s and later, iPod touch 5th generation and later, iPad 2 and later Impact: Website cache may not be fully cleared after leaving...

9.3CVSS0.2AI score0.03404EPSS
Exploits0
securityvulns
securityvulns
added 2014/08/11 12:0 a.m.105 views

ESA-2014-055: EMC Network Configuration Manager (NCM) Report Advisor Session Fixation Vulnerability

ESA-2014-055.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2014-055: EMC Network Configuration Manager NCM Report Advisor Session Fixation Vulnerability EMC Identifier: ESA-2014-055 CVE Identifier: CVE-2014-2509 Severity Rating: CVSS v2 Base Score: 6.9 AV:A/AC:M/Au:N/C:C/I:P/A:P Affected...

5.4CVSS0.6AI score0.0158EPSS
Exploits0
securityvulns
securityvulns
added 2014/06/14 12:0 a.m.105 views

[RT-SA-2014-006] Directory Traversal in DevExpress ASP.NET File Manager

Advisory: Directory Traversal in DevExpress ASP.NET File Manager During a penetration test RedTeam Pentesting discovered a directory traversal vulnerability in DevExpress' ASP.NET File Manager and File Upload. Attackers are able to read arbitrary files by specifying a relative path. Details =====...

6.5CVSS5.8AI score0.08917EPSS
Exploits6
securityvulns
securityvulns
added 2014/05/04 12:0 a.m.105 views

Cross-Site Scripting (XSS) in CMSimple

Advisory ID: HTB23205 Product: CMSimple Vendor: Preben Bjorn Biermann Madsen Vulnerable Versions: 3.54 and probably prior Tested Version: 3.54 Advisory Publication: February 26, 2014 without technical details Vendor Notification: February 26, 2014 Vendor Patch: February 26, 2014 Public Disclosure...

4.3CVSS6.5AI score0.01193EPSS
Exploits3
securityvulns
securityvulns
added 2014/04/07 12:0 a.m.105 views

ESA-2012-029: RSA BSAFE® SSL-C Multiple Vulnerabilities

ESA-2012-029.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-029: RSA BSAFE® SSL-C Multiple Vulnerabilities EMC Identifier: ESA-2012-029 CVE Identifier: CVE-2011-3389, CVE-2012-2110, CVE-2012-2131 Severity Rating: See below for scores for individual issues Affected Products: For the...

7.5CVSS0.5AI score0.73327EPSS
Exploits12
securityvulns
securityvulns
added 2014/03/27 12:0 a.m.105 views

Firefox for Android Profile Directory Derandomization and Data Exfiltration (CVE-2014-1484, CVE-2014-1506, CVE-2014-1515, CVE-2014-1516)

Hi, We have recently discovered a series of vulnerabilities in Firefox for Android that allows a malicious application to successfully derandomize the Firefox profile directory name in a practical amount of time and then leak sensitive data such as cookies and cached information which reside in...

6.4CVSS0.02344EPSS
Exploits3
securityvulns
securityvulns
added 2014/03/27 12:0 a.m.105 views

MS14-010 CVE-2014-0293 Technical Details and Code(I changed the web permanently)

Origin: Visit http://technet.microsoft.com/en-us/security/bulletin/ms14-010 Check "Acknowledgments" for "CVE-2014-0293". It says "Dieyu" and links to my website http://dieyu.org/ Technical Details: showModalDialog to keep script running, HTTP redirecting to target domain. Then script will run in...

4.3CVSS9.3AI score0.17502EPSS
Exploits1
securityvulns
securityvulns
added 2014/03/13 12:0 a.m.105 views

APPLE-SA-2014-03-10-2 Apple TV 6.1

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-03-10-2 Apple TV 6.1 Apple TV 6.1 is now available and addresses the following: Apple TV Available for: Apple TV 2nd generation and later Impact: An attacker with access to an Apple TV may access sensitive user information from logs...

7.8CVSS8.2AI score0.10117EPSS
Exploits9
securityvulns
securityvulns
added 2014/01/09 12:0 a.m.105 views

[SECURITY] [DSA 2829-1] hplip security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2829-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff December 28, 2013 http://www.debian.org/security/faq -...

6.9CVSS1.2AI score0.03945EPSS
Exploits1
securityvulns
securityvulns
added 2013/11/26 12:0 a.m.105 views

[ MDVSA-2013:276 ] curl

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:276 http://www.mandriva.com/en/support/security/ Package : curl Date : November 21, 2013 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: Updated curl packages fix security...

4.3CVSS6.5AI score0.03076EPSS
Exploits0
securityvulns
securityvulns
added 2013/09/09 12:0 a.m.105 views

ESA-2013-057: RSA Archer(r) GRC Multiple Vulnerabilities

ESA-2013-057.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2013-057: RSA Archer® GRC Multiple Vulnerabilities EMC Identifier: ESA-2013-057 CVE Identifier: CVE-2013-3276, CVE-2013-3277 Severity Rating: CVSS v2 Base Score: See below for individual scores Affected Products: RSA Archer versio...

6CVSS0.3AI score0.01057EPSS
Exploits0
securityvulns
securityvulns
added 2013/05/10 12:0 a.m.105 views

[SECURITY] CVE-2012-3544 Chunked transfer encoding extension size is not limited

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2012-3544 Chunked transfer encoding extension size is not limited Severity: Important Vendor: The Apache Software Foundation Versions Affected: - - Tomcat 7.0.0 to 7.0.29 - - Tomcat 6.0.0 to 6.0.36 Description: When processing a request submitted...

5CVSS0.11001EPSS
Exploits1
securityvulns
securityvulns
added 2013/03/11 12:0 a.m.105 views

[security bulletin] HPSBGN02854 SSRT100881 rev.1 - HP Intelligent Management Center (iMC), iMC TACACS+ Authentication Manager (TAM), and iMC User Access Manager (UAM), Cross Site Scripting (XSS), Remote Code Execution,

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03689276 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03689276 Version: 1 HPSBGN02854...

10CVSS0.6AI score0.63744EPSS
Exploits15
securityvulns
securityvulns
added 2013/01/14 12:0 a.m.105 views

Adobe Flash Player memory corruption

Memory corruption on SWF parsing...

10CVSS3.7AI score0.08158EPSS
Exploits0References1Affected Software2
securityvulns
securityvulns
added 2013/01/10 12:0 a.m.105 views

Chrome for Android - Android APIs exposed to JavaScript

CVE Number: CVE-2012-4907 Title: Chrome for Android - Android APIs exposed to JavaScript Affected Software: Confirmed on Chrome for Android v18.0.1025123 Credit: Takeshi Terada Issue Status: v18.0.1025308 was released which fixes this vulnerability Overview: By abusing Java objects exposed to...

9.3CVSS0.4AI score0.01012EPSS
Exploits1
securityvulns
securityvulns
added 2012/09/07 12:0 a.m.105 views

[CVE-2012-3373] Apache Wicket XSS vulnerability via manipulated URL parameter

Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache Wicket 1.4.x and 1.5.x Description: https://wicket.apache.org/2012/09/06/cve-2012-3373.html It is possible to inject JavaScript statements into an ajax link by adding an encoded null byte to a URL pointing to a...

4.3CVSS0.03279EPSS
Exploits0
securityvulns
securityvulns
added 2012/07/09 12:0 a.m.105 views

NGS00162 Patch Notification: Symantec Message Filter Session Hijacking via session fixation

High Risk Vulnerability in Symantec Message Filter 2 July 2012 Ben Williams of NCC Group has discovered a High risk vulnerability in Symantec Message Filter Impact: Session Hijacking via session fixation Versions affected: Symantec Message Filter Version 6.3 An updated version of the software has...

1.2AI score
Exploits0
securityvulns
securityvulns
added 2012/07/09 12:0 a.m.105 views

Wordpress (editormonkey) Arbitrary File Upload Vulnerability

a bug in Wordpress editormonkeythat allows to us to occur a File Upload on a Remote machin. Exploit Title : Wordpress editormonkey Arbitrary File Upload Vulnerability Author : IrIsT.Ir Discovered By : Am!r Home : http://IrIsT.Ir/forum Software Link : http://wordpress.org Security Risk : High...

1.4AI score
Exploits0
securityvulns
securityvulns
added 2012/07/09 12:0 a.m.105 views

[ MDVSA-2012:096-1 ] python

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:096-1 http://www.mandriva.com/security/ Package : python Date : July 2, 2012 Affected: Enterprise Server 5.0 Problem Description: Multiple vulnerabilities has been discovered and corrected in python: The ssl...

5CVSS8.8AI score0.73327EPSS
Exploits11
securityvulns
securityvulns
added 2012/06/17 12:0 a.m.105 views

[SE-2012-01] Regarding Oracle's Critical Patch Update for Java SE

Dear All, Yesterday, Oracle released its Critical Patch Update for Java SE software 1, which incorporates fixes for 3 of more than 20+ security issues that were reported to the company in Apr 2012 2. We would like to inform, that while some of the Proof of Concept codes we developed for the...

6.7AI score
Exploits0
securityvulns
securityvulns
added 2012/06/03 12:0 a.m.105 views

CVE-2012-2216 - Social Engine Multiples Vulnerabilities (XSS and CSRF)

Social Engine 4.2.2 Multiples Vulnerabilities Earlier versions are also possibly vulnerable. INFORMATION Product: Social Engine 4.2.2 Remote-Exploit: yes Vendor-URL: http://www.socialengine.net/ Discovered by: Tiago Natel de Moura aka "i4k" Discovered at: 10/04/2012 CVE Notified: 10/04/2012 CVE...

0.7AI score
Exploits5
securityvulns
securityvulns
added 2012/03/10 12:0 a.m.105 views

LSE-2012-03-01: PyPAM -- Python bindings for PAM - Double Free Corruption

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 === LSE Leading Security Experts - Security Advisory 2012-03-01 === PyPAM -- Python bindings for PAM - Double Free Corruption - --------------------------------------------------------- Affected Versions ================= PyPAM = 0.4.2 Red Hat PyPAM =...

7.5CVSS6.3AI score0.14294EPSS
Exploits6
securityvulns
securityvulns
added 2012/02/22 12:0 a.m.105 views

Multiple vulnerabilities in 11in1

Advisory ID: HTB23071 Product: 11in1 Vendor: 11in1 Vulnerable Versions: 1.2.1 stable 12-31-2011 and probably prior Tested Version: 1.2.1 stable 12-31-2011 Vendor Notification: 25 January 2012 Public Disclosure: 15 February 2012 Vulnerability Type: Local File Inclusion, Сross-Site Request Forgery...

6.8CVSS6.2AI score0.09794EPSS
Exploits3
securityvulns
securityvulns
added 2011/10/01 12:0 a.m.105 views

openEngine 2.0 'id' Blind SQL Injection vulnerability

Advisory: openEngine 2.0 'id' Blind SQL Injection vulnerability Advisory ID: SSCHADV2011-019 Author: Stefan Schurtz Affected Software: Successfully tested on openEngine 2.0 100226 Vendor URL: http://www.openengine.de/ Vendor Status: informed CVE-ID: - ========================== Vulnerability...

8.3AI score
Exploits0
securityvulns
securityvulns
added 2011/08/17 12:0 a.m.105 views

[SECURITY] CVE-2011-2729: Commons Daemon fails to drop capabilities (Apache Tomcat)

CVE-2011-2729: Commons Daemon fails to drop capabilities Apache Tomcat Severity: Important Vendor: The Apache Software Foundation Versions Affected: Tomcat 7.0.0 to 7.0.19 Tomcat 6.0.30 to 6.0.32 Tomcat 5.5.32 to 5.5.33 Description: Due to a bug in the capabilities code, jsvc the service wrapper...

5CVSS1.8AI score0.07243EPSS
Exploits0
securityvulns
securityvulns
added 2011/08/01 12:0 a.m.105 views

Web Fusion Nepal (find.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Web Fusion Nepal find.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://webfusion.com.np/ Persian Gulf 4 Ever! Dork : "Powered by: Web Fusion Nepal" "inurl:find.php?id="...

2.9AI score
Exploits0
securityvulns
securityvulns
added 2011/04/11 12:0 a.m.105 views

LFI Vulnerability in 024cms Admin Control Panel v1.1.0 Beta (Complete-Modules Package)

============================================================================================================= 1024cms Admin Control Panel v1.1.0 Beta Complete-Modules Package - Local File Include Vulnerability...

1AI score
Exploits0
securityvulns
securityvulns
added 2011/02/08 12:0 a.m.105 views

HTB22819: XSS vulnerability in WebAsyst Shop-Script

Vulnerability ID: HTB22819 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinwebasystshopscript1.html Product: WebAsyst Shop-Script Vendor: WebAsyst, LLC http://www.shop-script.ru/ Vulnerable Version: Current version 2011.01.23 shop-script.ru/demo/ Vendor Notification: 25 January 2011...

0.8AI score
Exploits0
securityvulns
securityvulns
added 2010/11/28 12:0 a.m.105 views

[eVuln.com] URL XSS in Easy Banner Free

New eVuln Advisory: URL XSS in Easy Banner Free Summary: http://evuln.com/vulns/148/summary.html Details: http://evuln.com/vulns/148/description.html -----------Summary----------- eVuln ID: EV0148 Software: Easy Banner Free Vendor: PHP Web Scripts Version: 2009.05.18 Critical Level: low Type: Cro...

6.1AI score
Exploits0
securityvulns
securityvulns
added 2010/09/20 12:0 a.m.105 views

[oCERT-2010-003] Free Simple CMS path sanitization errors

2010-003 Free Simple CMS path sanitization errors Description: Free Simple CMS, an open source content management system, suffers from remote file inclusion vulnerabilities. Insufficient path sanitization on several query string parameters leads to inclusion of arbitrary files from remote sources...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2010/07/17 12:0 a.m.105 views

[ MDVSA-2010:132 ] python

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2010:132 http://www.mandriva.com/security/ Package : python Date : July 14, 2010 Affected: 2008.0, 2009.0, 2009.1, 2010.0, 2010.1, Corporate 4.0, Enterprise Server 5.0 Problem Description: Multiple vulnerabilitie...

7.5CVSS7.5AI score0.14643EPSS
Exploits3
securityvulns
securityvulns
added 2010/06/08 12:0 a.m.105 views

Microsoft Security Bulletin MS10-035 - Critical Cumulative Security Update for Internet Explorer (982381)

Microsoft Security Bulletin MS10-035 - Critical Cumulative Security Update for Internet Explorer 982381 Published: June 08, 2010 Version: 1.0 General Information Executive Summary This security update resolves five privately reported vulnerabilities and one publicly disclosed vulnerability in...

9.3CVSS1.2AI score0.3703EPSS
Exploits10
securityvulns
securityvulns
added 2010/05/28 12:0 a.m.105 views

FreeBSD jail escape

It's possible to access current working directory...

3.3CVSS1.6AI score0.00324EPSS
Exploits1References1Affected Software1
securityvulns
securityvulns
added 2010/04/05 12:0 a.m.105 views

PHP-fusion dsmsf (module downloads) SQL Inj3ct0r Exploit

======================================================== PHP-fusion dsmsf module downloads SQL Inj3ct0r Exploit ======================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' /' / /' 0 0 /, // ,/ / 1 1 // /' / // /' / /' ...

0.7AI score
Exploits0
securityvulns
securityvulns
added 2009/12/04 12:0 a.m.105 views

FreeBSD privilege escalation

It's possible to bypass environment variables filtering on suid program execution...

7.2CVSS4.6AI score0.03903EPSS
Exploits5References2Affected Software1
securityvulns
securityvulns
added 2009/10/22 12:0 a.m.105 views

Everfocus EDR1600 remote authentication bypass

Product: Everfocus EDR1600 Version affected: all Website: http://www.everfocus.com/ Discovered By: Andrea Fabrizi Email: [email protected] Web: http://www.andreafabrizi.it Vuln: remote DVR authentication bypass The EDR1600 firmware don't handle correctly users authentication and sessions...

1.6AI score
Exploits0
securityvulns
securityvulns
added 2009/08/26 12:0 a.m.105 views

Oracle 11g (11.1.0.6) Password Policy and Compliance

Many security standards require the tracking of users' password history to prevent password re-use. In Oracle 11g 11.1.0.6, if a security administrator has enabled 11g passwords exclusively then tracking password history is broken. This can affect compliance. This was addressed by Oracle in their...

2.1CVSS0.01214EPSS
Exploits1
securityvulns
securityvulns
added 2009/08/07 12:0 a.m.105 views

Mozilla Foundation Security Advisory 2009-43

Mozilla Foundation Security Advisory 2009-43 Title: Heap overflow in certificate regexp parsing Impact: Critical Announced: August 1, 2009 Reporter: Moxie Marlinspike Products: Firefox, Thunderbird, SeaMonkey, NSS Fixed in: Firefox 3.5 NSS 3.12.3 Description Moxie Marlinspike reported a heap...

9.3CVSS1.5AI score0.04155EPSS
Exploits1
securityvulns
securityvulns
added 2009/05/19 12:0 a.m.105 views

[security bulletin] HPSBMA02417 SSRT090031 rev.1 - HP Data Protector Express and HP Data Protector Express Single Server Edition (SSE), Local Denial of Service (DoS), Execution of Arbitrary Code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01697543 Version: 1 HPSBMA02417 SSRT090031 rev.1 - HP Data Protector Express and HP Data Protector Express Single Server Edition SSE, Local Denial of Service DoS, Execution of Arbitrary Code...

7.2CVSS1AI score0.51612EPSS
Exploits8
securityvulns
securityvulns
added 2009/05/12 12:0 a.m.105 views

User options changer (SQLi) EXPLOIT --Bigace CMS -stable release- 2.5-->

!/usr/bin/perl ----------------------------------------------------------------------------- User options changer SQLi EXPLOIT --Bigace CMS -stable release- 2.5-- ----------------------------------------------------------------------------- CMS INFORMATION: --WEB: http://www.bigace.de/ --DOWNLOAD...

8.1AI score
Exploits0
securityvulns
securityvulns
added 2009/02/16 12:0 a.m.105 views

[Full-disclosure] [SECURITY] [DSA 1725-1] New websvn packages fix information leak

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1725-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst February 15, 2009 http://www.debian.org/security/faq -...

3.5CVSS0.8AI score0.01599EPSS
Exploits1
securityvulns
securityvulns
added 2008/08/12 12:0 a.m.105 views

Apache Tomcat <= 6.0.18 UTF8 Directory Traversal Vulnerability

Title: Apache Tomcat Directory Traversal Vulnerability Author: Simon Ryeobar4mi at gmail.com, barami at ahnlab.com Severity: High Impact: Remote File Disclosure Vulnerable Version: prior to 6.0.18 Solution: - Best Choice: Upgrade to 6.0.18 http://tomcat.apache.org - Hot fix: Disable allowLinking ...

4.3CVSS7.5AI score0.99708EPSS
Exploits22
securityvulns
securityvulns
added 2008/03/26 12:0 a.m.105 views

phpBB PJIRC mod LFI

/ PJIRC mod phpBB Local File Include Discrovered by: 0in from DaRk-CodeRs Programming & Security Group! Contact: 0indotemailatgmaildotcom Description: This is a simply irc applet to phpbb. Download: http://www.hotscripts.pl/produkt-1998.html HTTP://Dark-Coders.4rh.eu Greetz to: All DaRk-CodeRs Te...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2008/03/12 12:0 a.m.105 views

Microsoft Security Bulletin MS08-017 - Critical Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code Execution (933103)

Microsoft Security Bulletin MS08-017 - Critical Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code Execution 933103 Published: March 11, 2008 Version: 1.0 General Information Executive Summary This critical update resolves two privately reported vulnerabilities in Microsof...

9.3CVSS0.6AI score0.4014EPSS
Exploits6
securityvulns
securityvulns
added 2007/10/20 12:0 a.m.105 views

Serious holes affecting SiteBar 3.3.8

All, As a result of a short security audit of SiteBar, a number of security holes were found. The holes included code execution, a malicious redirect and multiple cases of Javascript injection. After liasing with the developers, the holes have been patched. Attached are the advisory and patch...

9CVSS0.1AI score0.02341EPSS
Exploits2
securityvulns
securityvulns
added 2007/10/02 12:0 a.m.105 views

eGov Content Manager Cross Site Scripting Vulrnability

HSC eGov Content Manager Cross Site Scripting Vulrnability The eGov Manager was designed to simplify the efforts of government staffers who are responsible for posting public documents, news updates, events, managing staff directories and online services. This issue is due to a failure in the...

0.7AI score
Exploits0
securityvulns
securityvulns
added 2007/06/03 12:0 a.m.105 views

PBSite - PHP Bulletin Site | CMS ====> RFI

.-" "-. / | TiTaNiC | |, .-. .-. ,| | o/ o | |/ / | @ ^^ |IIIIII|/ @8@8|-IIIIII/-| / HaCkEr / @ script:PBSite - PHP Bulletin Site | CMS ==== RFI url:http://sourceforge.net/project/showfiles.php?groupid=88114 authot:titanichacker [email protected] contact: hack-teach.com & mohandko.com...

0.1AI score
Exploits0
Total number of security vulnerabilities5000