Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
autocomplete vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2019-12932
A stored XSS vulnerability was found in SeedDMS 5.1.11 due to poorly escaping the search result in the autocomplete search form placed in the header of out/out.Viewfolder.php.
Seeddms Seeddms 5.1.11
4.3
CVSSv2
CVE-2021-38904
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 could allow a remote malicious user to obtain credentials from a user's browser via incorrect autocomplete settings. IBM X-Force ID: 209693.
Ibm Cognos Analytics 11.1.7
Ibm Cognos Analytics 11.2.0
Ibm Cognos Analytics 11.2.1
Netapp Oncommand Insight -
5
CVSSv2
CVE-2012-0680
Apple Safari prior to 6.0 does not properly handle the autocomplete attribute of a password input element, which allows remote malicious users to bypass authentication by leveraging an unattended workstation.
Apple Safari 3.0.1
Apple Safari 3.1.1b
Apple Safari 4.0.0b
Apple Safari 4.0
Apple Safari 2.0.3
Apple Safari 2.0.4
Apple Safari 1.2.4
Apple Safari 1.2.5
Apple Safari 3.2.0b
Apple Safari 3.1.2b
Apple Safari 3
Apple Safari 1.1.1
Apple Safari 4.0.1
Apple Safari 2.0.1
Apple Safari 2.0.2
Apple Safari 1.2.2
Apple Safari 1.2.3
Apple Safari 1.0
Apple Safari 1.0.3
Apple Safari 1.3.2
Apple Safari 5.0.5
Apple Safari 1.3.0
NA
CVE-2021-39045
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 could allow a local malicious user to obtain information due to the autocomplete feature on password input fields. IBM X-Force ID: 214345.
Ibm Cognos Analytics 11.1.7
Ibm Cognos Analytics
Netapp Oncommand Insight -
7.5
CVSSv2
CVE-2011-4677
One Click Orgs prior to 1.2.3 does not have an off autocomplete attribute for authentication fields, which makes it easier for remote malicious users to obtain access by leveraging an unattended workstation.
Oneclickorgs One Click Orgs 1.1.0
Oneclickorgs One Click Orgs 1.0.0
Oneclickorgs One Click Orgs
Oneclickorgs One Click Orgs 1.2.1
Oneclickorgs One Click Orgs 1.2.0
Oneclickorgs One Click Orgs 1.1.1
Oneclickorgs One Click Orgs 1.0.1
5
CVSSv2
CVE-2014-8524
McAfee Network Data Loss Prevention (NDLP) prior to 9.3 does not disable the autocomplete setting for the password and other fields, which allows remote malicious users to obtain sensitive information via unspecified vectors.
Mcafee Network Data Loss Prevention 9.2.1
Mcafee Network Data Loss Prevention 8.6
Mcafee Network Data Loss Prevention
Mcafee Network Data Loss Prevention 9.2.0
2.1
CVSSv2
CVE-2013-2047
The login page (aka index.php) in ownCloud prior to 5.0.6 does not disable the autocomplete setting for the password parameter, which makes it easier for physically proximate malicious users to guess the password.
Owncloud Owncloud 5.0.0
Owncloud Owncloud
Owncloud Owncloud 5.0.1
Owncloud Owncloud 5.0.2
Owncloud Owncloud 5.0.3
Owncloud Owncloud 5.0.4
6
CVSSv2
CVE-2012-1638
SQL injection vulnerability in the Search Autocomplete module prior to 7.x-2.1 for Drupal allows remote authenticated users with the "use search_autocomplete" permission to execute arbitrary SQL commands via unspecified vectors.
Dominique Clause Search Autocomplete
Dominique Clause Search Autocomplete 7.x-1.0
Dominique Clause Search Autocomplete 6.x-2.3
Dominique Clause Search Autocomplete 6.x-2.2
Dominique Clause Search Autocomplete 6.x-1.0
Dominique Clause Search Autocomplete 5.x-1.0
Dominique Clause Search Autocomplete 6.x-2.0
Dominique Clause Search Autocomplete 5.x-1.x
Dominique Clause Search Autocomplete 6.x-2.1
2.1
CVSSv2
CVE-2009-5100
Pentaho BI Server 1.7.0.1062 and previous versions does not set the autocomplete tag to off on web pages using a password field, which might allow physically proximate malicious users to obtain the password.
Pentaho Bi Server 1.2.0
Pentaho Bi Server 1.6.0
Pentaho Bi Server
5
CVSSv2
CVE-2019-4724
IBM Cognos Analytics 11.0 and 11.1 could allow a remote malicious user to obtain credentials from a user's browser via incorrect autocomplete settings in New Content Backup page. IBM X-Force ID: 172130.
Ibm Cognos Analytics 11.0.0
Ibm Cognos Analytics 11.1.0
Netapp Oncommand Insight -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »