

The latest CVEs

2018-07-18
CVE-2018-14082
PHP Scripts Mall JOB SITE (aka Job Portal) 3.0.1 has Cross-site Scripting (XSS) via the search bar.
CVE-2018-12429
JEESNS through 1.2.1 allows XSS attacks by ordinary users who publish articles containing a crafted payload in order to capture an administrator cookie.
CVE-2018-8042
In Apache Ambari versions 2.5.0 to 2.6.2, passwords for Hadoop credential stores are exposed in Ambari Agent informational log messages when the credential store feature is enabled for eligible services, for example Hive and Oozie.
CVE-2018-8011
By specially crafting HTTP requests, the mod_md challenge handler would dereference a NULL pointer and cause the child process to segfault. This could be used to DoS the server. Fixed in Apache HTTP Server 2.4.34 (Affected 2.4.33).
CVE-2018-5232
The EditIssue.jspa resource in Atlassian Jira before version 7.6.7 and from version 7.7.0 before version 7.10.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the issuetype parameter.
CVE-2018-14382
InstantCMS 2.10.1 has /redirect?url= XSS.
CVE-2018-14381
Pagekit before 1.0.14 has a /user/login?redirect= open redirect vulnerability.
CVE-2018-14380
In Graylog before 2.4.6, XSS was possible in typeahead components, related to components/common/TypeAheadInput.jsx and components/search/QueryInput.ts.
CVE-2018-10877
The Linux kernel ext4 filesystem is vulnerable to an out-of-bounds access in the ext4_ext_drop_refs() function when operating on a crafted ext4 filesystem image.
CVE-2018-10616
ABB Panel Builder 800, all versions, has an improper input validation vulnerability that may allow an attacker to insert and run arbitrary code on a computer where the affected product is used.

Dorks

2018-07-18
Low
Binary Image Multi XSS Found
intext:Developed By:Binary Image inurl:?p=result-search
mr.Gh0st N@0b
Low
mr material redirect script multiple Vulnerability
...
IRANIAN ETHICAL HACKERS
Low
PHP Whois Script Cross Site Scripting Vulnerability
...
IRANIAN ETHICAL HACKERS
2018-07-16
Med.
Web Technology by Contedia SQL Injection Vulnerability
"Web Technology by Contedia™" inurl:.php?id=
Iran Cyber Security Group
2018-07-15
Med.
Mini Ajax Arbitrary File Upload
intitle:"Mini Ajax File Upload Form"
0N3R1D3R

Copyright 2018, cxsecurity.com

 
