Aggregator

CVE-2019-11358 | Oracle Transportation Management 1.4.3 Install cross site scripting (Nessus ID 208606 / ID 176919)

Vuldb Updates
2 months 3 weeks ago
A vulnerability was found in Oracle Transportation Management 1.4.3. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Install. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2019-11358. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2019-11358 | Oracle Siebel UI Framework up to 21.2 UIF Open UI cross site scripting (Nessus ID 208606 / ID 176919)

Vuldb Updates
2 months 3 weeks ago
A vulnerability was found in Oracle Siebel UI Framework up to 21.2. It has been classified as critical. Affected is an unknown function of the component UIF Open UI. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2019-11358. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2019-11358 | Oracle Identity Manager 12.2.1.3.0 jQuery cross site scripting (Nessus ID 208606 / ID 176919)

Vuldb Updates
2 months 3 weeks ago
A vulnerability classified as critical has been found in Oracle Identity Manager 12.2.1.3.0. Affected is an unknown function of the component jQuery. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2019-11358. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2019-11358 | Oracle Hyperion Planning 11.1.2.4/11.2.6.0 jQuery cross site scripting (Nessus ID 208606 / ID 176919)

Vuldb Updates
2 months 3 weeks ago
A vulnerability has been found in Oracle Hyperion Planning 11.1.2.4/11.2.6.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the component jQuery. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2019-11358. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2019-11358 | Oracle PeopleSoft Enterprise FIN Expenses 9.2 cross site scripting (Nessus ID 208606 / ID 176919)

Vuldb Updates
2 months 3 weeks ago
A vulnerability classified as critical was found in Oracle PeopleSoft Enterprise FIN Expenses 9.2. Affected by this vulnerability is an unknown functionality of the component Expenses. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2019-11358. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2019-11358 | Oracle BI Publisher 5.5.0.0.0/12.2.1.3.0/12.2.1.4.0 BI Publisher Security cross site scripting (Nessus ID 208606 / ID 176919)

Vuldb Updates
2 months 3 weeks ago
A vulnerability has been found in Oracle BI Publisher 5.5.0.0.0/12.2.1.3.0/12.2.1.4.0 and classified as critical. This vulnerability affects unknown code of the component BI Publisher Security. The manipulation leads to cross site scripting. This vulnerability was named CVE-2019-11358. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2019-11358 | Oracle Business Process Management Suite 12.2.1.3.0/12.2.1.4.0 Runtime Engine cross site scripting (Nessus ID 208606 / ID 176919)

Vuldb Updates
2 months 3 weeks ago
A vulnerability was found in Oracle Business Process Management Suite 12.2.1.3.0/12.2.1.4.0 and classified as critical. This issue affects some unknown processing of the component Runtime Engine. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2019-11358. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-47875 | cure53 DOMPurify up to 2.4.x/3.1.2 cross site scripting (GHSA-gx9m-whjm-85jf / Nessus ID 208927)

Vuldb Updates
2 months 3 weeks ago
A vulnerability, which was classified as problematic, has been found in cure53 DOMPurify up to 2.4.x/3.1.2. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-47875. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2007-0347 | CVSTrac up to 2.0 format.c is_eow sql injection (EDB-3223 / Nessus ID 24263)

Vuldb Updates
2 months 3 weeks ago
A vulnerability was found in CVSTrac up to 2.0. It has been declared as critical. This vulnerability affects the function is_eow of the file format.c. The manipulation leads to sql injection. This vulnerability was named CVE-2007-0347. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.
vuldb.com

InfiltraxInfiltrax: UAC Bypass, Keylogging, and Persistent Access for Penetration Testers

Penetration Testing Tools - Metepreter.org
2 months 3 weeks ago

Infiltrax Infiltrax is a post-exploitation reconnaissance tool for penetration testers and red teams, designed to capture screenshots, retrieve clipboard contents, log keystrokes, bypass UAC and install AnyDesk for persistent remote access. Feature Screenshot Capture:...

The post InfiltraxInfiltrax: UAC Bypass, Keylogging, and Persistent Access for Penetration Testers appeared first on Penetration Testing Tools.

ddos

CVE-2014-7650 | Ashok88 JJA- Juvenile Justice Act 1986 1 X.509 Certificate cryptographic issues (VU#582497)

Vuldb Updates
2 months 3 weeks ago
A vulnerability has been found in Ashok88 JJA- Juvenile Justice Act 1986 1 and classified as critical. Affected by this vulnerability is an unknown functionality of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. This vulnerability is known as CVE-2014-7650. The attack can only be done within the local network. There is no exploit available.
vuldb.com

CVE-2016-1564 | WordPress up to 4.4.0 class-wp-theme.php cross site scripting (News 36185 / Nessus ID 87900)

Vuldb Updates
2 months 3 weeks ago
A vulnerability, which was classified as problematic, has been found in WordPress up to 4.4.0. Affected by this issue is some unknown functionality of the file wp-includes/class-wp-theme.php. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2016-1564. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2016-1567 | chrony up to 1.31.1/2.2.0 Key 7pk security (FEDORA-2016-6a0b0ab775 / Nessus ID 88724)

Vuldb Updates
2 months 3 weeks ago
A vulnerability was found in chrony up to 1.31.1/2.2.0 and classified as critical. Affected by this issue is some unknown functionality of the component Key Handler. The manipulation leads to 7pk security features. This vulnerability is handled as CVE-2016-1567. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2014-7648 | Ip-phone-smart SMARTalk 1.1 X.509 Certificate cryptographic issues (VU#582497)

Vuldb Updates
2 months 3 weeks ago
A vulnerability, which was classified as critical, has been found in Ip-phone-smart SMARTalk 1.1. This issue affects some unknown processing of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. The identification of this vulnerability is CVE-2014-7648. Access to the local network is required for this attack to succeed. There is no exploit available.
vuldb.com

Weekly Update 421

Troy Hunt
2 months 3 weeks ago

It wasn't easy talking about the Muah.AI data breach. It's not just the rampant child sexual abuse material throughout the system (or at least requests for the AI to generate images of it), it's the reactions of people to it. The tweets justifying

Troy Hunt

CVE-2016-1569 | Firebird 2.5.5 Daemon input validation (FEDORA-2016-bec6b9c395 / Nessus ID 89606)

Vuldb Updates
2 months 3 weeks ago
A vulnerability was found in Firebird 2.5.5. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Daemon. The manipulation leads to improper input validation. This vulnerability is known as CVE-2016-1569. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Managed ad