Lucene search
K
ZdtMost viewed

39001 matches found

0day.today
0day.today
added 2023/03/27 12:0 a.m.246 views

Composr CMS Version <=10.0.39 - Authenticated Remote Code Execution Exploit

Exploit Title: Composr-CMS Version Commandr !/usr/bin/python3 import requests from bs4 import BeautifulSoup import time cookies = 'hascookies': '1', 'PHPSESSID': 'ddf2e7c8ff1000a7c27b132b003e1f5c', You need to change this as it is dynamic 'commandrdir': 'L3Jhdy91cGxvYWRzL2ZpbGVkdW1wLw%3D%3D',...

8.8CVSS8.7AI score0.09183EPSS
Exploits4
0day.today
0day.today
added 2023/03/27 12:0 a.m.246 views

Password Manager for IIS v2.0 - XSS Vulnerability

Exploit Title: Password Manager for IIS v2.0 - XSS Exploit Author: VP4TR10T Vendor Homepage: http://passwordmanager.adiscon.com/en/manual/ Software Link: http://passwordmanager.adiscon.com/ Version: Version 2.0 Tested on: WINDOWS CVE : CVE-2022-36664 Affected URI when changing user password: POST...

6.1CVSS6.4AI score0.03767EPSS
Exploits5
0day.today
0day.today
added 2022/03/29 12:0 a.m.246 views

One Church Management System 1.0 Cross Site Scripting Vulnerability

Exploit Title: One Church Management System 1.0 - Multiple Cross-site Scripting Exploit Author: Mr Empy Software Link: https://www.sourcecodester.com/php/15225/church-management-software-free-download-full-version.html Version: 1.0 Tested on: Linux Title: ================ One Church Management...

7.4AI score
Exploits0
0day.today
0day.today
added 2022/01/10 12:0 a.m.246 views

WordPress Contact Form Entries Cross Site Scripting Vulnerability

WordPress Contact Form Entries plugin versions prior to 1.2.4 suffer from an unauthenticated persistent cross site scripting vulnerability. Exploit Title: Contact Form Entries Vulnerability Discovery: Gaetano Perrone aka gx1 Vendor Homepage: https://www.crmperks.com/ Software Link:...

6.1CVSS6.2AI score0.0682EPSS
Exploits4
0day.today
0day.today
added 2021/12/14 12:0 a.m.246 views

Microsoft Internet Explorer / ActiveX Control - Security Bypass Vulnerability

Exploit Title: Microsoft Internet Explorer / ActiveX Control - Security Bypass Exploit Author: John Page aka hyp3rlinx Website: hyp3rlinx.altervista.org Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-INTERNET-EXPLORER-ACTIVEX-CONTROL-SECURITY-BYPASS.txt twitter.com/hyp3rlinx ISR:...

Exploits0
0day.today
0day.today
added 2020/11/19 12:0 a.m.246 views

Oracle WebLogic Server Administration Console Handle Remote Code Execution Exploit

This Metasploit module exploits a path traversal and a Java class instantiation in the handle implementation of WebLogic's Administration Console to execute code as the WebLogic user. Versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0, and 14.1.1.0.0 are known to be affected. Tested against...

10CVSS8.9AI score0.99997EPSS
Exploits45
0day.today
0day.today
added 2020/07/07 12:0 a.m.246 views

CDATA OLTs Backdoor / Privilege Escalation / Information Disclosure Vulnerabilities

Various CDATA OLTs suffer from backdoor access with telnet, credential leaks, shell escape with root privileges, denial of service, and weak encryption algorithm vulnerabilities. Advisory Information Title: Multiple vulnerabilities found in CDATA OLTs Advisory URL:...

7.2AI score
Exploits0
0day.today
0day.today
added 2017/10/26 12:0 a.m.246 views

PHPMailer 5.2.21 Local File Disclosure Exploit

Exploit for php platform in category local exploits Exploit Title: PHPMailer SetFrom$POST"your-email", $POST"your-name"; $address = "email protected"; $mail-AddAddress$address, "root"; if isset$POST'cc' $mail-AddCC$POST"your-email", $POST"your-name"; $mail-Subject = "PHPMailer...

2.1CVSS6.1AI score0.02161EPSS
Exploits6
0day.today
0day.today
added 2017/05/10 12:0 a.m.246 views

Microsoft Windows - SrvOs2FeaToNt SMB Remote Code Execution (MS17-010) Exploit

Exploit for windows platform in category remote exploits Exploit Author: Juan Sacco MS17-010 - https://technet.microsoft.com/en-us/library/security/ms17-010.aspx Tested on: Microsoft Windows Server 2008 x64 SP1 R2 Standard Description: SMBv1 SrvOs2FeaToNt OOB is prone to a remote code execution...

9.3CVSS7.5AI score0.99693EPSS
Exploits94
0day.today
0day.today
added 2014/09/26 12:0 a.m.246 views

Apache mod_cgi Bash Environment Variable Code Injection Exploit

This Metasploit module exploits a code injection in specially crafted environment variables in Bash, specifically targeting Apache modcgi scripts through the HTTPUSERAGENT variable. This module requires Metasploit: http//metasploit.com/download Current source:...

10CVSS1AI score0.99999EPSS
Exploits131
0day.today
0day.today
added 2024/08/28 12:0 a.m.245 views

NoteMark < 0.13.0 - Stored XSS Vulnerability

Exploit Title: Stored XSS in NoteMark Exploit Author: Alessio Romano sfoffo Vendor Homepage: https://notemark.docs.enchantedcode.co.uk/ Version: 0.13.0 and below Tested on: Linux References: https://notes.sfoffo.com/contributions/2024-contributions/cve-2024-41819,...

8.7CVSS7AI score0.00824EPSS
Exploits4
0day.today
0day.today
added 2024/04/23 12:0 a.m.245 views

Visual Studio Code Execution Exploit

This Metasploit module creates a vsix file which can be installed in Visual Studio Code as an extension. At activation/install, the extension will execute a shell or two. Tested against VSCode 1.87.2 on Ubuntu 22.04. This module requires Metasploit: https://metasploit.com/download Current source:...

7.7AI score
Exploits0
0day.today
0day.today
added 2024/04/12 12:0 a.m.245 views

Wordpress WP Video Playlist 1.1.1 Plugin - Stored Cross-Site Scripting Vulnerability

Exploit Title: Wordpress Plugin WP Video Playlist 1.1.1 - Stored Cross-Site Scripting XSS Exploit Author: Erdemstar Vendor: https://wordpress.com/ Version: 1.1.1 Proof Of Concept: 1. Click Add Video part and enter the XSS payload as below into the first input of form or Request body named...

7.4AI score
Exploits0
0day.today
0day.today
added 2024/01/15 12:0 a.m.245 views

SimpleWebServer 2.2-rc2 Denial Of Service Exploit

!/usr/bin/perl use IO::Socket::INET; Exploit Title: PSimpleWebServer 2.2-rc2 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 11 january 2024 Vendor Homepage: http://www.pmx.it/ Download to demo:...

7.4AI score
Exploits0
0day.today
0day.today
added 2023/07/28 12:0 a.m.245 views

copyparty 1.8.2 - Directory Traversal Vulnerability

Exploit Title: copyparty 1.8.2 - Directory Traversal Exploit Author: Vartamtzidis Theodoros @TheHackyDog Vendor Homepage: https://github.com/9001/copyparty/ Software Link: https://github.com/9001/copyparty/releases/tag/v1.8.2 Version: =1.8.2 Tested on: Debian Linux CVE : CVE-2023-37474 Descriptio...

7.5CVSS7.1AI score0.42828EPSS
Exploits4
0day.today
0day.today
added 2023/05/23 12:0 a.m.245 views

Cameleon CMS 2.7.4 - Persistent Stored XSS in Post Title Vulnerability

Exploit Title: Authenticated Persistent XSS in Cameleon CMS 2.7.4 Google Dork: intext:"Camaleon CMS is a free and open-source tool and a fexible content management system CMS based on Ruby on Rails" Exploit Author: Yasin Gergin Vendor Homepage: http://camaleon.tuzitio.com Software Link:...

7.1AI score
Exploits0
0day.today
0day.today
added 2023/04/06 12:0 a.m.245 views

LDAP Tool Box Self Service Password v1.5.2 - Account takeover Vulnerability

Exploit Title: LDAP Tool Box Self Service Password v1.5.2 - Account takeover Exploit Author: Tahar BENNACEF aka tar.gz Software Link: https://github.com/ltb-project/self-service-password Version: 1.5.2 Tested on: Ubuntu Self Service Password is a PHP application that allows users to change their...

6.8AI score
Exploits0
0day.today
0day.today
added 2023/03/28 12:0 a.m.245 views

Hashicorp Consul v1.0 - Remote Command Execution Exploit

Exploit Title: Hashicorp Consul v1.0 - Remote Command Execution RCE Exploit Author: GatoGamer1155, 0bfxgh0st Vendor Homepage: https://www.consul.io/ Description: Exploit for gain reverse shell on Remote Command Execution via API References: https://www.consul.io/api/agent/service.html Tested on:...

7.4AI score
Exploits0
0day.today
0day.today
added 2023/03/20 12:0 a.m.245 views

Human Resources Management System 1.0 SQL Injection Vulnerability

Exploit Title: Human Resources Management System - HRM - Multiple SQLi Exploit Author: Abdulhakim Öner Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/15740/human-resource-management-system-project-php-and-mysql-free-source-code.html Software...

6.8AI score
Exploits0
0day.today
0day.today
added 2023/01/19 12:0 a.m.245 views

Chrome JSNativeContextSpecialization::BuildElementAccess Bypass Exploit

Chrome: Copy-on-write check bypass in JSNativeContextSpecialization::BuildElementAccess VULNERABILITY DETAILS Copy-on-write is one of V8's internal optimization features that allows multiple JavaScript objects to share the same element store. This feature is primarily used to optimize creation of...

7.4AI score
Exploits0
0day.today
0day.today
added 2022/06/02 12:0 a.m.245 views

Product Show Room Site 1.0 Cross Site Scripting Vulnerability

Product Show Room Site - 'Telephone' Stored Cross-Site ScriptingXSS Exploit Title: Product Show Room Site - 'Telephone' Stored Cross-Site ScriptingXSS Exploit Author: email protected inc Vendor Homepage: https://www.sourcecodester.com/php/15370/product-show-room-site-phpoop-free-source-code.html...

7.4AI score
Exploits0
0day.today
0day.today
added 2022/03/07 12:0 a.m.245 views

Attendance and Payroll System v1.0 - SQL injection Authentication Bypass Exploit

Exploit Title: Attendance and Payroll System v1.0 - SQLi Authentication Bypass Exploit Author: pr0z Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/apsystem.zip Version: v1.0 Tested on: Linux, MySQL, Apache impor...

0.7AI score
Exploits0
0day.today
0day.today
added 2021/10/08 12:0 a.m.245 views

Simple Online College Entrance Exam System 1.0 - Account Takeover Vulnerability

Exploit Title: Simple Online College Entrance Exam System 1.0 - Account Takeover Exploit Author: Amine ismail @aminei Vendor Homepage: https://www.sourcecodester.com/php/14976/simple-online-college-entrance-exam-system-php-and-sqlite-free-source-code.html Software Link:...

0.6AI score
Exploits0
0day.today
0day.today
added 2021/09/13 12:0 a.m.245 views

Apartment Visitor Management System (AVMS) 1.0 - SQL injection to Remote Code Execution 0day Exploit

Exploit Title: Apartment Visitor Management System AVMS 1.0 - SQLi to RCE Exploit Author: mari0x00 Vendor Homepage: https://phpgurukul.com/apartment-visitors-management-system-using-php-and-mysql/ Software Link: https://phpgurukul.com/?smdprocessdownload=1&downloadid=10395 Version: 1.0 Tested on:...

0.6AI score
Exploits0
0day.today
0day.today
added 2021/05/02 12:0 a.m.245 views

Shenzhen Skyworth RN510 Information Disclosure Vulnerability

Overview ======== Title:- UnAuthenticated Sensitive information Discloser in RN510 Mesh Extender. CVE-ID :- CVE-2021-25326 Author: Kaustubh G. Padwad Vendor: Shenzhen Skyworth Digital Technology Company Ltd.http://www.skyworthdigital.com/products Products: 1. RN510 with firmware V.3.1.0.4 Tested...

5.4CVSS5.6AI score0.01486EPSS
Exploits3
0day.today
0day.today
added 2020/08/15 12:0 a.m.245 views

QiHang Media Web Digital Signage 3.0.9 Credential Disclosure Vulnerability

QiHang Media Web Digital Signage version 3.0.9 suffers from a clear-text credential disclosure vulnerability that allows an unauthenticated attacker to issue a request to an unprotected directory that hosts an XML file /xml/User/User.xml and obtain administrative login information that allows for...

7.1AI score
Exploits0
0day.today
0day.today
added 2020/08/05 12:0 a.m.245 views

Gantt-Chart For Jira 5.5.3 Missing Privilege Check Vulnerability

Gantt-Chart for Jira versions 5.5.3 and below misses a privilege check which allows an attacker to read and write the module configuration for other users. Product: Jira module "Gantt-Chart for Jira" Manufacturer: Frank Polscheit - Solutions & IT-Consulting Affected Versions: =5.5.3 Tested...

0.8AI score0.01834EPSS
Exploits3
0day.today
0day.today
added 2019/11/20 12:0 a.m.245 views

Bludit - Directory Traversal Image File Upload Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Bludit Directory Traversal Image File Upload Vulnerability", 'Description' = %q This module exploits a vulnerability in Bludit. A remote user cou...

8.8CVSS8.7AI score0.77962EPSS
Exploits16
0day.today
0day.today
added 2019/10/10 12:0 a.m.246 views

Windows Kernel - Out-of-Bounds Read in CI!CipFixImageType While Parsing Malformed PE File

We have encountered a Windows kernel crash in CI!CipFixImageType while trying to load a malformed PE image into the process address space as a data file i.e. LoadLibraryExLOADLIBRARYASDATAFILE | LOADLIBRARYASIMAGERESOURCE. An example crash log generated after triggering the bug is shown below: --...

5.5CVSS0.1AI score0.02863EPSS
Exploits1
0day.today
0day.today
added 2018/11/09 12:0 a.m.245 views

OpenSLP 2.0.0 - Multiple Vulnerabilities

Exploit for linux platform in category local exploits OpenSLP 2.0.0 - Multiple Vulnerabilities ========================== I discovered some bugs in openslp-2.0.0 back in January, 2018. One of them I disclosed in June dumpco.re/blog/openslp-2.0.0-double-free, and today I'm disclosing two more. BUG...

7.5CVSS0.12463EPSS
Exploits4
0day.today
0day.today
added 2018/11/02 12:0 a.m.245 views

Gate Pass Management System 2.1 - login SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Gate Pass Management System 2.1 - 'login' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://www.livebms.com Software Link: https://netcologne.dl.sourceforge.net/project/gatepass/gpmsUpdate.zip Version: 2.1...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/03/31 12:0 a.m.245 views

WampServer 3.1.2 CSRF to add or delete any virtual hosts remotely Vulnerability

Exploit for php platform in category web applications WampServer 3.1.2 CSRF to add or delete any virtual hosts remotely CVE-2018-8817 CSRF Cross site request forgery in WampServer 3.1.2 which allows a remote attacker to force any victim to add or delete virtual hosts...

7.7AI score0.03267EPSS
Exploits6
0day.today
0day.today
added 2015/11/04 12:0 a.m.245 views

Piwik 2.14.3 PHP Object Injection Vulnerability

Piwik versions 2.14.3 and below suffer from a PHP object injection vulnerability that can lead to remote code execution. ----------------------------------------------------------------------- Piwik = 2.14.3 DisplayTopKeywords PHP Object Injection Vulnerability...

7.5CVSS7.6AI score0.03931EPSS
Exploits3
0day.today
0day.today
added 2015/08/27 12:0 a.m.245 views

QEMU Programmable Interrupt Timer Controller Heap Overflow Exploit

Exploit for multiple platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=419c4 The programmable interrupt timer PIT controller in QEMU does not correctly validate the channel number when performing IO writes to the device controller, allowing...

6.9CVSS0.2AI score0.01594EPSS
Exploits1
0day.today
0day.today
added 2014/12/09 12:0 a.m.245 views

Windows Kerberos - Elevation of Privilege (MS14-068) Exploit

Exploit for windows platform in category remote exploits !/usr/bin/python MS14-068 Exploit Author ------ Sylvain Monne Contact : sylvain dot monne at solucom dot fr http://twitter.com/bidord import sys, os from random import getrandbits from time import time, localtime, strftime from kek.ccache...

9CVSS0.4AI score0.87448EPSS
Exploits8
0day.today
0day.today
added 2012/12/15 12:0 a.m.245 views

Cherokee web server v1.2.101 Full Path Disclosure

This bug is a remote 'Full Path Disclosure in Cherokee web server version 1.2.101 the attacker can use this bug for get Important information and Navigate between files/folders of server and get the content. 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /...

6.8AI score
Exploits0
0day.today
0day.today
added 2009/12/21 12:0 a.m.245 views

PHPhotoalbum Remote File Upload Vulnerability

Exploit for unknown platform in category web applications ============================================= PHPhotoalbum Remote File Upload Vulnerability ============================================= 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0...

7.1AI score
Exploits0
0day.today
0day.today
added 2006/01/03 12:0 a.m.245 views

Invision Power Board Dragoran Portal Mod <= 1.3 SQL Injection Exploit

Exploit for unknown platform in category web applications ===================================================================== Invision Power Board Dragoran Portal Mod Invision Power Board plugin Created By SkOd SED security Team , http://sed-team.be google: "Portal 1.3 by Dragoran" use...

7.1AI score
Exploits0
0day.today
0day.today
added 2024/08/04 12:0 a.m.244 views

Devika v1 - Path Traversal via (snapshot_path) Exploit

Exploit Title: Devika v1 - Path Traversal via 'snapshotpath' Parameter Exploit Author: Alperen Ergel Contact: @alpernae IG/X Vendor Homepage: https://devikaai.co/ Software Link: https://github.com/stitionai/devika Version: v1 Tested on: Windows 11 Home Edition CVE: CVE-2024-40422 !/usr/bin/python...

9.1CVSS7AI score0.11414EPSS
Exploits6
0day.today
0day.today
added 2023/08/08 12:0 a.m.244 views

PHPJabbers Vacation Rental Script 4.0 - CSRF Vulnerability

Exploit Title: PHPJabbers Vacation Rental Script 4.0 - CSRF Exploit Author: Hasan Ali YILDIR Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/vacation-rental-script/ Version: 4.0 Tested on: Windows 10 Pro Description The attacker can send to victim a link...

7.1AI score
Exploits0
0day.today
0day.today
added 2023/08/04 12:0 a.m.244 views

Wordpress EventON Calendar 4.4 Plugin - Unauthenticated Post Access via IDOR Vulnerability

Exploit Title: Wordpress Plugin EventON Calendar 4.4 - Unauthenticated Post Access via IDOR Exploit Author: Miguel Santareno Vendor Homepage: https://www.myeventon.com/ Version: 4.4 Tested on: Google and Firefox latest version CVE : CVE-2023-3219 1. Description The plugin does not validate that t...

5.3CVSS7.1AI score0.07398EPSS
Exploits5
0day.today
0day.today
added 2023/07/28 12:0 a.m.244 views

mRemoteNG v1.77.3.1784-NB - Cleartext Storage of Sensitive Information in Memory Exploit

Exploit Title: mRemoteNG v1.77.3.1784-NB - Cleartext Storage of Sensitive Information in Memory Exploit Author: Maximilian Barz Vendor Homepage: https://mremoteng.org/ Software Link: https://mremoteng.org/download Version: mRemoteNG = v1.77.3.1784-NB Tested on: Windows 11 CVE : CVE-2023-30367 /...

7.5CVSS7.6AI score0.00431EPSS
Exploits4
0day.today
0day.today
added 2023/07/21 12:0 a.m.244 views

PaulPrinting CMS - Multiple Cross Site Web Vulnerabilities

Exploit Title: PaulPrinting CMS - Multiple Cross Site Web Vulnerabilities Common Vulnerability Scoring System: ==================================== 5.8 Vulnerability Class: ==================== Cross Site Scripting - Persistent Current Estimated Price: ======================== 500€ - 1.000€ Produ...

7.1AI score
Exploits0
0day.today
0day.today
added 2023/03/27 12:0 a.m.244 views

Raspberry Pi Camera Server 1.0 Authentication Bypass Vulnerability

Exploit Title: "camp" Raspberry Pi camera server 1.0 - Authentication Bypass Exploit Author: Elias Hohl Vendor Homepage: https://github.com/patrickfuller Software Link: https://github.com/patrickfuller/camp Version: bf6af5c2e5cf713e4050c11c52dd4c55e89880b1 Tested on: Ubuntu 20.04 CVE :...

9.8CVSS9.4AI score0.49201EPSS
Exploits3
0day.today
0day.today
added 2022/11/11 12:0 a.m.244 views

IOTransfer V4 - Unquoted Service Path Vulnerability

Exploit Title: IOTransfer V4 - Unquoted Service Path Exploit Author: BLAY ABU SAFIAN Inveteck Global Vendor Homepage: http://www.iobit.com/en/index.php Software Link: https://iotransfer.itopvpn.com/download/ Tested Version: V4 Vulnerability Type: Unquoted Service Path Tested on OS: Microsoft...

7.8CVSS7.8AI score0.01058EPSS
Exploits4
0day.today
0day.today
added 2022/06/17 12:0 a.m.244 views

Warehouse Management System 2022 Multiple SQL injection Vulnerabilities

Title: Warehouse Management System 2022 ML-SQLi Author: nu11secur1ty Date: 06.13.2022 Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php-codeigniter-warehouse-management-system-free-source-code Reference:...

0.4AI score
Exploits0
0day.today
0day.today
added 2022/04/07 12:0 a.m.244 views

Bakery Shop Management System 1.0 Local File Inclusion Vulnerability

Title: Bakery Shop Management System 1.0 LFI To RCE Author: Hejap Zairy Date: 06.04.2022 Vendor: https://www.campcodes.com/projects/php/simple-bakery-shop-management-system/ Software: https://www.campcodes.com/wp-content/uploads/2022/02/bsms0.zip Reference: https://github.com/Matrix07ksa Tested o...

0.4AI score
Exploits0
0day.today
0day.today
added 2022/03/30 12:0 a.m.244 views

Fingerprint Attendance 1.0 Shell Upload Vulnerability

Title: Fingerprint Attendance 1.0 Shell Upload Author: Hejap Zairy Vendor: https://www.vetbossel.in/fingerprint-attendance-project-php/ Software: https://app.box.com/s/xlyqalhvayq8oi25tqykcbouzrrjytqy Reference: https://github.com/Matrix07ksa Tested on: Windows, MySQL, Apache registered user can...

0.5AI score
Exploits0
0day.today
0day.today
added 2022/03/10 12:0 a.m.244 views

Sandboxie Plus 5.50.2 - (Service SbieSvc) Unquoted Service Path Vulnerability

Exploit Title: Sandboxie-Plus 5.50.2 - 'Service SbieSvc' Unquoted Service Path Exploit Author: Antonio Cuomo arkantolo Vendor : David Xanatos Version : SbieSvc 5.50.2 Vendor Homepage : https://sandboxie-plus.com/ Tested on OS: Windows 10 Pro x64 PoC : ============== C:\sc qc SbieSvc SC...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/10/14 12:0 a.m.244 views

Yellowfin Cross Site Scripting / Insecure Direct Object Reference Vulnerabilities

Yellowfin versions prior to 9.6.1 suffer from persistent cross site scripting and insecure direct object reference vulnerabilities. YELLOWFIN 9.6.1 MULTIPLE VULNERABILITIES ---------------------------------------------------- Vulnerability: ============== Stored Cross-Site Scripting Affected...

7.5CVSS6.4AI score0.03053EPSS
Exploits2
Total number of security vulnerabilities5000