Search Results | AttackerKB

Show filters

Topics 6 Users 9,712

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

6 Total Results

Displaying 1-6 of 6

Attacker Value

Unknown

CVE-2010-4658

Disclosure Date: February 07, 2020 (last updated February 21, 2025)

statusnet through 2010 allows attackers to spoof syslog messages via newline injection attacks.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2010-4659

Disclosure Date: November 20, 2019 (last updated November 27, 2024)

Cross-site scripting (XSS) vulnerability in statusnet through 2010 in error message contents.

Attack Vector: Network Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2010-4660

Disclosure Date: November 20, 2019 (last updated November 27, 2024)

Unspecified vulnerability in statusnet through 2010 due to the way addslashes are used in SQL string escapes..

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2011-3370

Disclosure Date: November 12, 2019 (last updated November 27, 2024)

statusnet before 0.9.9 has XSS

Attack Vector: Network Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2013-4137

Disclosure Date: October 11, 2013 (last updated October 05, 2023)

Multiple SQL injection vulnerabilities in StatusNet 1.0 before 1.0.2 and 1.1.0 allow remote attackers to execute arbitrary SQL commands via vectors related to user lists and "a particular tag format."

0

Attacker Value

Unknown

CVE-2011-3802

Disclosure Date: September 24, 2011 (last updated October 04, 2023)

StatusNet 0.9.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by tpl/index.php and certain other files.

0