be user log project be user log vulnerabilities and exploits

(subscribe to this query)

Cross-site scripting (XSS) vulnerability in the BE User Log (beko_beuserlog) extension 1.1.1 and previous versions for TYPO3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

Be User Log Project Be User Log

The telnet daemon (telnetd) in MIT krb5 prior to 1.6.1 allows remote malicious users to bypass authentication and gain system access via a username beginning with a '-' character, a similar issue to CVE-2007-0882.

Mit Kerberos 5 Debian Debian Linux 3.1 Debian Debian Linux 4.0 Canonical Ubuntu Linux 5.10 Canonical Ubuntu Linux 6.06 Canonical Ubuntu Linux 6.10

Multiple format string vulnerabilities in Condor 7.2.0 up to and including 7.6.4, and possibly certain 7.7.x versions, as used in Red Hat MRG Grid and possibly other products, allow local users to cause a denial of service (condor_schedd daemon and failure to launch jobs) and pos...

The WP Photo Album Plus WordPress plugin prior to 8.0.10 was vulnerable to Stored Cross-Site Scripting (XSS). Error log content was handled improperly, therefore any user, even unauthenticated, could cause arbitrary javascript to be executed in the admin panel.

Wp Photo Album Plus Project Wp Photo Album Plus

mcholste Enterprise Log Search and Archive (ELSA) version revision 1205, commit 2cc17f1 and previous versions contains a Cross Site Scripting (XSS) vulnerability in index view (/) that can result in . This attack appear to be exploitable via Payload delivered via the type, name, ...

Elsa Project Elsa

spring-boot-actuator-logview in a library that adds a simple logfile viewer as spring boot actuator endpoint. It is maven package "eu.hinsch:spring-boot-actuator-logview". In spring-boot-actuator-logview before version 0.2.13 there is a directory traversal vulnerability...

Spring-boot-actuator-logview Project Spring-boot-actuator-logview

4 Github repositories

The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.2.3 and previous versions, as used in (1) ampache, (2) libphp-snoopy, (3) mahara, (4) mediamate, (5) opendb, (6) pixelpost, and possibly other products, allows remote malicious users to execute arbitrary commands vi...

Snoopy Project Snoopy Debian Debian Linux 4.0 Debian Debian Linux 5.0 Nagios Nagios Wordpress Wordpress

SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x prior to 5.2.4.1, 5.3.x prior to 5.3.2.1, and 5.4.x prior to 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 up to and including 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3R...

Juniper Session And Resource Control 2.0 Juniper Src Pe 1.0 Juniper Session And Resource Control 1.0 Juniper Src Pe 2.0

1 EDB exploit

The CVEProject/cve-services is an open source project used to operate the CVE services api. In versions up to and including 1.1.1 the `org.conroller.js` code would erroneously log user secrets. This has been resolved in commit `46d98f2b` and should be available in subsequent vers...

Cve Cve-services

Double free vulnerability in the GSS-API library (lib/gssapi/krb5/k5unseal.c), as used by the Kerberos administration daemon (kadmind) in MIT krb5 prior to 1.6.1, when used with the authentication method provided by the RPCSEC_GSS RPC library, allows remote authenticated users to...

Mit Kerberos 5 Canonical Ubuntu Linux 5.10 Canonical Ubuntu Linux 6.06 Canonical Ubuntu Linux 6.10 Debian Debian Linux 3.1 Debian Debian Linux 4.0

1 Github repository

1 2 3 4 5 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook