CAGE Web Design | Rolf Van Gelder Security Vulnerabilities

nessus

Eclipse Jetty Web Server Detection

The Eclipse Jetty web server was detected on the remote...

7.4 AI Score

2024-05-02 12:00 AM
2
nessus

OwnCloud OwnCloud Web Interface Detection

The web interface for OwnCloud OwnCloud, an open-source file sync, share and content collaboration software, was detected on the remote...

7.5 AI Score

2023-12-18 12:00 AM
1
nessus

Fortinet FortiSIEM Web Interface Detection

The web interface for Fortinet FortiSIEM, a Security Information and Event Management system was detected on the remote...

7.5 AI Score

2023-11-20 12:00 AM
3
nessus

Extreme Networks ExtremeXOS Web Detection

The web interface for Extreme Networks ExtremeXOS was detected on the remote. Note that HTTP form credentials are required to retrieve version...

7.3 AI Score

2023-11-13 12:00 AM
4
nessus

VMware Cloud Foundation Web Detection

VMware Cloud Foundation, a Hybrid Cloud Platform web application that manages virtual machines was detected on the remote host. Note: To obtain accurate version information from the web server, provide credentials to support HTTP basic...

1.7 AI Score

2022-06-06 12:00 AM
14
nessus

JetBrains TeamCity Web Interface Detection

Detects the web interface for JetBrains TeamCity on the remote...

0.7 AI Score

2021-03-30 12:00 AM
10
nessus

Adobe Experience Manager Web Detection

The remote host is running Adobe Experience Manager, a digital asset and content management software. Note: To retrieve patch level information this plugin requires the HTTP credentials of the web console. For accurate results, you may need to enable the Adobe Experience Manager ports (by default,....

0.2 AI Score

2020-01-15 12:00 AM
7
nessus

Vacron NVR Web Interface Detection

Nessus was able to detect the web interface for a Vacron network video recorder on the remote...

1.3 AI Score

2017-10-24 12:00 AM
12
nessus

QlikView Server Web UI Detection

The web user interface (UI) for QlikView Server, a business intelligence platform, is running on the remote...

1.6 AI Score

2016-06-23 12:00 AM
10
nessus

Acunetix Web Vulnerability Scanner Detection

The remote Windows host has one or more installs of Acunetix Web Vulnerability Scanner (WVS), a dynamic vulnerability scanner for web...

1.6 AI Score

2014-04-02 12:00 AM
14
openbugbounty

web-canape.ru Cross Site Scripting vulnerability OBB-3887022

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2 AI Score

2024-03-26 10:43 AM
2
nessus

Apache Superset Web Interface Detection

The web interface for Apache Superset, an open-source modern data exploration and visualization platform, was detected on the remote...

7.5 AI Score

2024-05-16 12:00 AM
1
nessus

Apache Airflow Web API Detection

The web application or API for Apache Airflow was detected on the remote host. Note: Prior to Apache Airflow 2.0.0, the API is considered experimental and may not return the version information through the...

2.8 AI Score

2022-04-26 12:00 AM
10
nessus

Azure CycleCloud Web UI Detection

Azure CycleCloud web user interface detected on remote host. Azure CycleCloud is a tool developed by Microsoft for orchestrating and managing High Performance Computing (HPC) environments on...

0.8 AI Score

2021-08-13 12:00 AM
12
nessus

Buffalo Router Web Interface Detection

Nessus was able to detect the web administration interface for a Buffalo router on the remote...

2.1 AI Score

2021-08-04 12:00 AM
12
nessus

Arista CloudVision Portal Web Detection

The remote host is running Arista CloudVision Portal, a web-based GUI for the CloudVision platform. Note: To retrieve patch level information this plugin requires the HTTP credentials of the web...

0.4 AI Score

2020-06-26 12:00 AM
7
nessus

Isilon OneFS Web Interface Detection

The remote host is running Isilon OneFS, a NAS management...

1.2 AI Score

2018-08-14 12:00 AM
6
nessus

NUUO NVR Web Interface Detection

Nessus was able to detect the web interface for a NUUO based network video recorder. NUUO licenses their interface so this device could be made by NUUO, NETGEAR, or someone...

1.4 AI Score

2017-10-18 12:00 AM
4
nessus

HooToo TripMate Web Interface Detection

Nessus was able to detect the web administration interface for a HooToo TripMate device on the remote...

1.4 AI Score

2017-06-29 12:00 AM
10
nessus

Pivotal Web Server Version Detection

The version of Pivotal Web Server (formerly VMware vFabric Web Server) could be extracted from the web server's...

2.7 AI Score

2014-08-26 12:00 AM
6
nessus

Net Optics Director Web Detection

The web management interface for Net Optics Director, a network packet broker and monitoring switch, was detected on the remote...

1.1 AI Score

2013-10-23 12:00 AM
11
nessus

NextChat / ChatGPT Next Web Detection

The remote host is running a NextChat...

7.5 AI Score

2024-04-29 12:00 AM
1
nessus

Palo Alto Expedition Web Detection

The web interface for Palo Alto Expedition was detected on the remote host. Expedition is software designed to enable migration of firewall policies and configurations. It is possible to extract version information if login credentials are...

2.5 AI Score

2020-01-02 12:00 AM
13
nessus

StreamSets Data Collector Web Detection

StreamSets Data Collector, a tool for building pipelines, was detected based on the web interface. Note that for this detection, ports 18630 and 18636 will need to be added to the Nessus port...

1.1 AI Score

2019-07-10 12:00 AM
7
nessus

IBM BigFix Web Reports Detection

The remote host is running IBM BigFix Web Reports, a high-level web application that connects to one or more IBM BigFix databases to aggregate, analyze, and manage network...

6.9 AI Score

2016-11-18 12:00 AM
13
nessus

Visualware MyConnection Server Web Detection

The remote host is running the web based user interface for Visualware MyConnection Server (MCS), a network quality management application. It was possible to read the version from a standard...

2.3 AI Score

2015-04-02 12:00 AM
10
openbugbounty

web-argitalpena.adm.ehu.es Cross Site Scripting vulnerability OBB-3888546

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2 AI Score

2024-03-27 10:33 AM
4
vulnrichment

CVE-2024-34790 WordPress Download ImageMagick Sharpen Resized Images plugin <= 1.1.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Hans van Eijsden, niwreg ImageMagick Sharpen Resized Images allows Stored XSS. This issue affects ImageMagick Sharpen Resized Images: from n/a through...

5.9 CVSS

6.7 AI Score

0.0004 EPSS

2024-06-03 10:57 AM
cve

CVE-2022-41103

Microsoft Word Information Disclosure...

5.5 CVSS

5 AI Score

0.001 EPSS

2022-11-09 10:15 PM
54
6
cve

CVE-2022-41060

Microsoft Word Information Disclosure...

5.5 CVSS

5 AI Score

0.001 EPSS

2022-11-09 10:15 PM
46
4
osv

Sidekiq vulnerable to a Reflected XSS in Queues Web Page

Description: During the source code review of the metrics.erb view of the Sidekiq Web UI, a reflected XSS vulnerability is discovered. The value of substr parameter is reflected in the response without any encoding, allowing an attacker to inject JavaScript code into the response of the...

5.5 CVSS

6.2 AI Score

0.0004 EPSS

2024-04-26 10:19 PM
5
nuclei

PrestaShop Step by Step products Pack - SQL Injection

In the module “Step by Step products Pack” (ndk_steppingpack) up to 1.5.6 from NDK Design for PrestaShop, a guest can perform SQL injection in affected...

9.8 CVSS

9.9 AI Score

0.048 EPSS

2024-03-16 05:23 PM
18
github

Sidekiq vulnerable to a Reflected XSS in Queues Web Page

Description: During the source code review of the metrics.erb view of the Sidekiq Web UI, a reflected XSS vulnerability is discovered. The value of substr parameter is reflected in the response without any encoding, allowing an attacker to inject JavaScript code into the response of the...

5.5 CVSS

6.2 AI Score

0.0004 EPSS

2024-04-26 10:19 PM
6
cve

CVE-2024-34566

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Johan van der Wijk Content Blocks (Custom Post Widget) allows Stored XSS. This issue affects Content Blocks (Custom Post Widget): from n/a through...

6.5 CVSS

6.6 AI Score

0.0004 EPSS

2024-05-08 11:15 AM
29
cvelist

CVE-2024-34566 WordPress Content Blocks (Custom Post Widget) plugin <= 3.3.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Johan van der Wijk Content Blocks (Custom Post Widget) allows Stored XSS. This issue affects Content Blocks (Custom Post Widget): from n/a through...

6.5 CVSS

7.3 AI Score

0.0004 EPSS

2024-05-08 10:54 AM
openvas

Unprotected Web App / Device Installers (HTTP)

The script attempts to identify installation/setup pages of various web apps/devices that are publicly accessible and not protected by e.g. account restrictions or having their setup...

7.2 AI Score

2018-05-07 12:00 AM
405
github

Moodle Insecure direct object reference (IDOR) in a calendar web service

A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. Insufficient capability checks made it possible to fetch other users' calendar action...

5.3 CVSS

6.9 AI Score

0.001 EPSS

2022-05-24 07:21 PM
1
osv

CVE-2023-26268

Design documents with matching document IDs, from databases on the same cluster, may share a mutable JavaScript environment when using these design document functions: validate_doc_update, list, filter, filter views (using view functions as filters), rewrite, update. This doesn't affect...

5.3 CVSS

7 AI Score

0.001 EPSS

2023-05-02 09:15 PM
6
nvd

CVE-2024-34790

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Hans van Eijsden, niwreg ImageMagick Sharpen Resized Images allows Stored XSS. This issue affects ImageMagick Sharpen Resized Images: from n/a through...

5.9 CVSS

6.1 AI Score

0.0004 EPSS

2024-06-03 11:15 AM
2
cve

CVE-2022-41061

Microsoft Word Remote Code Execution...

7.8 CVSS

7.5 AI Score

0.002 EPSS

2022-11-09 10:15 PM
65
6
openbugbounty

web-insolite.net Improper Access Control vulnerability OBB-3867301

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

7 AI Score

2024-03-07 01:26 AM
5
nessus

RHEL 7 : web-admin-build (RHSA-2020:5599)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:5599 advisory. Red Hat Gluster Storage is software only scale-out storage solution that provides flexible and affordable unstructured data storage. It unifies...

8.2 CVSS

8.3 AI Score

0.717 EPSS

2020-12-18 12:00 AM
17
nessus

Apache ActiveMQ Web Console Test Pages Information Disclosure

The Apache ActiveMQ Web Console running on the remote host is leaking information via its test pages. The ActiveMQ Web Console allows unrestricted, unauthenticated access by default, and the test pages are used for testing the environment and web framework. One of the included test pages,...

7.2 AI Score

2010-04-16 12:00 AM
17
openvas

Generic HTTP Directory Traversal (Web Dirs) - Active Check

Generic check for HTTP directory traversal vulnerabilities on each directory of the remote web...

9.8 CVSS

8.3 AI Score

0.975 EPSS

2021-07-22 12:00 AM
10
osv

CVE-2023-27563

The n8n package 0.218.0 for Node.js allows Escalation of...

8.8 CVSS

7.2 AI Score

0.002 EPSS

2023-05-10 03:15 PM
5
nessus

RHEL 6 : python-twisted-web (RHSA-2020:1962)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:1962 advisory. Twisted is an event-based framework for internet applications. Twisted Web is a complete web server, aimed at hosting web applications using...

9.8 CVSS

9.7 AI Score

0.009 EPSS

2020-04-29 12:00 AM
10
nessus

Citrix Access Gateway Administrative Web Interface Default Credentials

It is possible to log into the remote Citrix Access Gateway administrative web interface by providing default credentials. Knowing these, an attacker can gain administrative control of the affected application server and, for example, upload a new system...

7.6 AI Score

2013-04-12 12:00 AM
43
openvas

Generic HTTP Directory Traversal (Web Root) - Active Check

Generic check for HTTP directory traversal vulnerabilities on the web root level of the remote web...

9.8 CVSS

8.2 AI Score

0.975 EPSS

2017-04-18 12:00 AM
694
nessus

Web Server PROPFIND Method Internal IP Disclosure

The remote installation of IIS leaks a private IP address through the WebDAV interface. This may expose internal IP addresses that are usually hidden or masked behind a Network Address Translation (NAT) Firewall or proxy server. This is typical of IIS installations that are not configured...

9.6 AI Score

0.01 EPSS

2004-03-18 12:00 AM
632
osv

CVE-2023-27564

The n8n package 0.218.0 for Node.js allows Information...

7.5 CVSS

7.1 AI Score

0.001 EPSS

2023-05-10 03:15 PM
5
Total number of security vulnerabilities: 506919