关键字 的搜索结果 (15245)

CVE-2018-9115(发布:2018-04-04 15:29:00)NMP
CVSSN/A

[原文]Systematic SitaWare 6.4 SP2 does not validate input from other sources sufficiently. e.g., information utilizing the NVG interface. An attacker can freeze the Situational Layer, which means that the Situational Picture is no longer updated. Unfortunately, the user cannot notice until he tries to work with that layer.

CVE-2018-9126(发布:2018-04-04 15:29:00)NMP
CVSSN/A

[原文]The DNNArticle module 11 for DNN (formerly DotNetNuke) allows remote attackers to read the web.config file, and consequently discover database credentials, via the /GetCSS.ashx/?CP=%2fweb.config URI.

CVE-2018-8813(发布:2018-04-04 11:29:00)NMP
CVSSN/A

[原文]Open redirect vulnerability in the login[redirect] parameter login functionality in WolfCMS 0.8.3.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a malformed URL.

CVE-2018-8814(发布:2018-04-04 11:29:00)NMP
CVSSN/A

[原文]Cross-site request forgery (CSRF) vulnerability in WolfCMS 0.8.3.1 allows remote attackers to hijack the authentication of users for requests that modify plugin/[pluginname]/settings by crafting a malicious request.

CVE-2018-9205(发布:2018-04-04 11:29:00)NMP
CVSSN/A

[原文]Vulnerability in avatar_uploader v7.x-1.0-beta8 , The code in view.php doesn't verify users or sanitize the file path.

CVE-2018-9235(发布:2018-04-04 03:29:00)NMP
CVSSN/A

[原文]iScripts SonicBB 1.0 has Reflected Cross-Site Scripting via the query parameter to search.php.

首页上一页56789101112下一页尾页 第7页 / 共2541页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站