Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

exchange

Source -

NVD

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

3
Related CVEsRelated VendorsRelated AssignersReports
3Vulnerabilities found
CVE-2015-9363
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.44% / 62.23%
||
7 Day CHG~0.00%
Published-28 Aug, 2019 | 11:56
Updated-06 Aug, 2024 | 08:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

iThemes Exchange before 1.12.0 for WordPress has XSS via add_query_arg() and remove_query_arg().

Action-Not Available
Vendor-n/aSolidWP (iThemes)
Product-exchangen/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2011-1424
Assigner-Dell
ShareView Details
Assigner-Dell
CVSS Score-3.5||LOW
EPSS-0.16% / 37.66%
||
7 Day CHG~0.00%
Published-24 May, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The default configuration of ExShortcut\Web.config in EMC SourceOne Email Management before 6.6 SP1, when the Mobile Services component is used, does not properly set the localOnly attribute of the trace element, which allows remote authenticated users to obtain sensitive information via ASP.NET Application Tracing.

Action-Not Available
Vendor-n/aIBM CorporationELAN Microelectronics CorporationMicrosoft Corporation
Product-lotus_dominosourceone_email_managementlotus_notesexchangen/a
CVE-2006-3718
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-3.57% / 87.26%
||
7 Day CHG~0.00%
Published-19 Jul, 2006 | 10:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unspecified vulnerabilities in Oracle Exchange for Oracle E-Business Suite and Applications 6.2.4 have unknown impact and attack vectors, aka Oracle Vuln# (1) APPS16 and (2) APPS17.

Action-Not Available
Vendor-n/aOracle Corporation
Product-exchangen/a