Lucene search

K

CAGE Web Design | Rolf Van Gelder Security Vulnerabilities

nessus
nessus

Amazon Web Services EC2 Instance Metadata Enumeration (Windows)

The remote host appears to be an Amazon Machine Image. Nessus will attempt to use the metadata API to collect information about the...

3.3AI Score

2016-04-11 12:00 AM
23
nessus
nessus

RuggedCom RuggedOS < 3.12.1 Web UI Multiple Security Vulnerabilities

According to its self-reported version, the RuggedCom RuggedOS (ROS) Web UI is affected by multiple vulnerabilities, some of which could allow a remote attacker to gain administrative access to the...

4.8AI Score

2013-02-06 12:00 AM
13
osv
osv

CVE-2023-34237

SABnzbd is an open source automated Usenet download tool. A design flaw was discovered in SABnzbd that could allow remote code execution. Manipulating the Parameters setting in the Notification Script functionality allows code execution with the privileges of the SABnzbd process. Exploiting the...

9.8CVSS

8.8AI Score

0.022EPSS

2023-06-07 08:15 PM
5
cve
cve

CVE-2023-23399

Microsoft Excel Remote Code Execution...

7.8CVSS

7.7AI Score

0.005EPSS

2023-03-14 05:15 PM
139
osv
osv

Malicious code in agencyportal-web (npm)

-= Per source details. Do not edit below this line.=- Source: ghsa-malware (3f01ab5c8d151da175f79cd0379f0f4d714ddceb4075503d821ee2f05515d1cb) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI Score

2024-05-02 12:49 AM
4
openbugbounty
openbugbounty

web-canape.ru Cross Site Scripting vulnerability OBB-3887022

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-03-26 10:43 AM
2
nessus
nessus

D-Link D-View 8 Web Server Detection

The D-Link D-View 8 Web Server is running on the remote...

7.1AI Score

2023-10-20 12:00 AM
10
nessus
nessus

RuggedCom RuggedOS (ROS) Web-Based Admin Interface Detection

The remote device is running the RuggedCom RuggedOS (ROS) web-based administration...

2.6AI Score

2012-06-15 12:00 AM
8
nessus
nessus

WatchGuard FireboxV and XTM Fireware OS Web Detection

The web UI for a WatchGuard FireboxV or XTM running Fireware OS was detected on the remote host. Note the plugin attempts to retrieve the Fireware OS version information from the API when HTTP Basic authentication credentials are...

1.6AI Score

2022-08-18 12:00 AM
33
nessus
nessus

Trend Micro Apex One Management Web Console Detection

The web console interface for a Trend Micro Apex One Management server was detected on the remote...

1.1AI Score

2022-05-03 12:00 AM
11
nessus
nessus

Symantec Data Center Security Web Administration Interface Detection

The remote host is running a web interface for Symantec Data Center Security, an information security management...

1AI Score

2015-02-26 12:00 AM
7
nessus
nessus

RuggedCom RuggedOS Web-Based Admin Interface Default Credentials

The remote RuggedCom RuggedOS (ROS) device is running a web-based interface that allows login using default...

3.1AI Score

2012-06-15 12:00 AM
9
openbugbounty
openbugbounty

web-argitalpena.adm.ehu.es Cross Site Scripting vulnerability OBB-3888546

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-03-27 10:33 AM
4
nessus
nessus

Cisco Small Business Wireless Access Point Web Detection

The web management interface for a Cisco Small Business Wireless Access Point was detected on the remote host. If credentials were supplied the version information should be available in the...

2.1AI Score

2022-01-10 12:00 AM
11
nessus
nessus

Loxone Smart Home Miniserver Web Server Version Detection

The remote device is a Loxone Smart Home Miniserver, a home automation solution. Nessus was able to extract the version from the web sever's...

2.5AI Score

2015-03-13 12:00 AM
9
nessus
nessus

Siemens SIMATIC S7-1200 PLC Web Server Detection

The remote device is running an integrated web server that is part of the software platform for managing and monitoring the SIMATIC S7-1200 Programmable Logic Controller...

2.4AI Score

2015-03-02 12:00 AM
15
openvas
openvas

Generic HTTP Directory Traversal (Web Dirs) - Active Check

Generic check for HTTP directory traversal vulnerabilities on each directory of the remote web...

9.8CVSS

8AI Score

0.975EPSS

2021-07-22 12:00 AM
12
openbugbounty
openbugbounty

web-corpora.net Cross Site Scripting vulnerability OBB-3896470

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-04-02 02:54 PM
5
nessus
nessus

RSA Authentication Agent for Web for Apache Installed

RSA Authentication Agent for Web for Apache is installed on the remote...

2.9AI Score

2017-12-21 12:00 AM
12
openvas
openvas

Generic HTTP Directory Traversal (Web Root) - Active Check

Generic check for HTTP directory traversal vulnerabilities on the web root level of the remote web...

9.8CVSS

8AI Score

0.975EPSS

2017-04-18 12:00 AM
706
openvas
openvas

Moxa NPort Unprotected Web Console

The remote Moxa NPort Web Console is not protected by a ...

7.4AI Score

2013-02-19 12:00 AM
57
openbugbounty
openbugbounty

web-corpora.net Cross Site Scripting vulnerability OBB-3882566

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-03-21 06:34 AM
2
osv
osv

teler-waf subject to Bypass of Common Web Attack Threat Rule with HTML Entities Payload

Description teler-waf is a Go HTTP middleware that provides teler IDS functionality to protect against web-based attacks. Versions prior to v0.1.1 are vulnerable to bypassing common web attack rules when a specific HTML entities payload is used. This vulnerability allows an attacker to execute...

6.5CVSS

1.9AI Score

0.001EPSS

2023-03-01 07:19 PM
11
veracode
veracode

Information Disclosure

reportico-web/reportico is vulnerable to Information Disclosure. The vulnerability is due to improper handling of user input within the execute_mode parameter of the URL, which allows attackers obtain sensitive...

6.6AI Score

0.0004EPSS

2024-04-15 07:05 AM
9
github
github

teler-waf subject to Bypass of Common Web Attack Threat Rule with HTML Entities Payload

Description teler-waf is a Go HTTP middleware that provides teler IDS functionality to protect against web-based attacks. Versions prior to v0.1.1 are vulnerable to bypassing common web attack rules when a specific HTML entities payload is used. This vulnerability allows an attacker to execute...

6.5CVSS

6.1AI Score

0.001EPSS

2023-03-01 07:19 PM
18
nessus
nessus

Web Application Scanner

This plugin provides vulnerability detections in Web applications and Web site...

6.9AI Score

2023-08-07 12:00 AM
5
cve
cve

CVE-2023-21716

Microsoft Word Remote Code Execution...

9.8CVSS

9.4AI Score

0.454EPSS

2023-02-14 08:15 PM
387
In Wild
nessus
nessus

CKAN Web Detection

The web UI for CKAN, an open source data management system was detected on the remote...

7.1AI Score

2023-06-02 12:00 AM
6
nessus
nessus

OpenMediaVault Web Detection

The web management interface for OpenMediaVault was detected on the remote...

1.1AI Score

2013-12-18 12:00 AM
11
nessus
nessus

OpenGear Web Detection

The web management interface for an OpenGear series 7x00 appliance was detected on the remote host. It is possible to extract the firmware version and model information if login credentials are...

2.7AI Score

2019-08-21 12:00 AM
9
cve
cve

CVE-2022-41103

Microsoft Word Information Disclosure...

5.5CVSS

5AI Score

0.001EPSS

2022-11-09 10:15 PM
55
6
cve
cve

CVE-2022-41060

Microsoft Word Information Disclosure...

5.5CVSS

5AI Score

0.001EPSS

2022-11-09 10:15 PM
47
4
openbugbounty
openbugbounty

web-exposition.com Cross Site Scripting vulnerability OBB-3910667

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-04-09 05:48 AM
6
nessus
nessus

Cisco IOS XE Software Web UI Command Injection (cisco-sa-web-cmdinj2-fOnjk2LD)

According to its self-reported version, the IOS XE is affected by command injection vulnerability. A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to inject and execute arbitrary commands with administrative privileges on the underlying...

8.8CVSS

9.4AI Score

0.002EPSS

2020-08-05 12:00 AM
31
osv
osv

Reportico affected by Incorrect Access Control

An issue discovered in Reportico Till 8.1.0 allows attackers to obtain sensitive information via execute_mode parameter of the...

6AI Score

0.0004EPSS

2024-04-12 12:30 AM
6
cve
cve

CVE-2022-41061

Microsoft Word Remote Code Execution...

7.8CVSS

7.5AI Score

0.002EPSS

2022-11-09 10:15 PM
67
6
nessus
nessus

Trend Micro Mobile Security for Enterprise Web Console Detection

The web console for Trend Micro Mobile Security for Enterprise, a security solution for mobile devices, was detected on the remote...

0.7AI Score

2022-12-19 12:00 AM
10
nessus
nessus

VMware NSX For vSphere (NSX-v) Web Interface Detection

The web interface for VMware NSX for vSphere (NSX-v), also known as VMware NSX Data Center for vSphere, was detected on the remote...

1.8AI Score

2022-10-28 12:00 AM
11
nessus
nessus

Trend Micro InterScan Web Security Virtual Appliance Device Detection

The remote host is a Trend Micro InterScan Web Security Virtual Appliance (IWSVA), a web gateway for application control, exploit detection, malware scanning, and URL filtering. Nessus was able to read the OS version number by logging into the device via...

2.4AI Score

2015-04-06 12:00 AM
12
nessus
nessus

Ivanti Endpoint Manager Cloud Services Appliance web interface detection

The web portal for Ivanti Endpoint Manager Cloud Services Appliance was detected on the remote host. Note: To obtain accurate version and build information provide HTTP basic authentication...

7.5AI Score

2024-04-09 12:00 AM
5
nessus
nessus

Cisco TelePresence Video Communication Server (VCS) Web UI Detection

The login page for a Cisco TelePresence Video Communication Server (VCS) video conferencing device was detected on the remote web server. With valid HTTP credentials, it is possible to extract version information from the web user...

2AI Score

2016-02-02 12:00 AM
8
nessus
nessus

iniNet SpiderControl SCADA Web Server 2.02 Local Privilege Escalation

According to its self-reported version, the iniNet SpiderControl SCADA Web Server running on the remote host is version 2.02. It is, therefore, affected by a flaw due to setting insecure permissions on the installation directory and files. A local attacker can exploit this to replace files,...

2.8AI Score

2016-01-27 12:00 AM
9
openbugbounty
openbugbounty

web-comp-pro.ru Cross Site Scripting vulnerability OBB-3905891

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-04-05 01:34 PM
2
nuclei
nuclei

PrestaShop Step by Step products Pack - SQL Injection

In the module “Step by Step products Pack” (ndk_steppingpack) up to 1.5.6 from NDK Design for PrestaShop, a guest can perform SQL injection in affected...

9.8CVSS

9.9AI Score

0.066EPSS

2024-03-16 05:23 PM
23
openbugbounty
openbugbounty

web-skills-school.com Cross Site Scripting vulnerability OBB-3905892

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-04-05 01:34 PM
2
cvelist
cvelist

CVE-2024-33953 WordPress Adventure Journal theme <= 1.7.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Matt van Andel Adventure Journal allows Stored XSS.This issue affects Adventure Journal: from n/a through...

6.5CVSS

6.9AI Score

0.0004EPSS

2024-05-02 11:21 AM
cve
cve

CVE-2024-33953

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Matt van Andel Adventure Journal allows Stored XSS.This issue affects Adventure Journal: from n/a through...

6.5CVSS

6.6AI Score

0.0004EPSS

2024-05-14 03:38 PM
9
nessus
nessus

FatPipe MPVPN Web Detection

The web UI for FatPipe MPVPN was detected on the remote...

7.1AI Score

2023-05-25 12:00 AM
7
nessus
nessus

Harbor Web Interface Detection

The web interface for Harbor was detected on the remote...

1.2AI Score

2019-10-17 12:00 AM
10
nessus
nessus

Commvault Web Console Detection

The web console for Commvault was detected on the remote...

0.8AI Score

2019-06-07 12:00 AM
17
Total number of security vulnerabilities507844