525 matches found

securityvulns
added 2010/05/26 12:0 a.m. | 23 views

Apache Axis2 cross-site scripting

Cross-site scripting via administration interface...

2.8 AI score
Exploits 0 | References 1 | Affected Software 1
Fedora
added 2010/03/23 11:23 p.m. | 14 views

[SECURITY] Fedora 12 Update: glpi-0.72.4-2.svn11035.fc12

GLPI is the Information Resource-Manager with an additional Administration-Interface. You can use it to build up a database with an inventory for your company computer, software, printers.... It has enhanced functions to make the daily life for the administrators easier, like a job-tracking-syst...

3 AI score
Exploits 0
Fedora
added 2010/03/23 11:18 p.m. | 14 views

[SECURITY] Fedora 13 Update: glpi-0.72.4-2.svn11035.fc13

GLPI is the Information Resource-Manager with an additional Administration-Interface. You can use it to build up a database with an inventory for your company computer, software, printers.... It has enhanced functions to make the daily life for the administrators easier, like a job-tracking-syst...

3 AI score
Exploits 0
Tenable Nessus
added 2010/02/24 12:0 a.m. | 32 views

Debian DSA-1966-1 : horde3 - insufficient input sanitising

Several vulnerabilities have been found in horde3, the horde web application framework. The Common Vulnerabilities and Exposures project identifies the following problems: - CVE-2009-3237 It has been discovered that horde3 is prone to cross-site scripting attacks via crafted number preferences o...

4.3 CVSS | 4.9 AI score | 0.04832 EPSS
Exploits 9 | References 7
securityvulns
added 2010/02/04 12:0 a.m. | 67 views

[DSECRG-09-011] HP StorageWorks 1_8 G2 Tape Autoloader - privilege escalation DOS

Digital Security Research Group DSecRG Advisory DSECRG-09-011 Application: HP StorageWorks 1/8 G2 Tape Autoloader Versions Affected: firmware v 2.30 and earlier Vendor URL: http://hp.com/ Bug: Privilege escalation Exploits: YES Reported: 30.09.2008 Vendor Response: 30.09.2008 Date of Public...

8.5 CVSS | 0.5 AI score | 0.03221 EPSS
Exploits 1
Packet Storm
added 2010/01/11 12:0 a.m. | 38 views

HP StorageWork 1/8 G2 Tape Autoloader Privilege Escalation

DSECRG-09-011 HP StorageWorks 1/8 G2 Tape Autoloader - privilege escalation, DOS A vulnerability was found in Web Administration Interface of device HP StorageWorks 1/8 G2 Tape Autoloader. Default unprivileged user can escalate privileges to the administrator and execute DOS attack. Digital...

8.5 CVSS | 0.5 AI score | 0.03221 EPSS
Exploits 1
OSV
added 2010/01/07 12:0 a.m. | 21 views

DSA-1966-1 horde3 - cross-site scripting

Bulletin has no description...

4.3 CVSS | 5.9 AI score | 0.04832 EPSS
Exploits 9
Check Point Advisories
added 2010/01/04 12:0 a.m. | 7 views

Multiple Vendor CUPS Administration Interface CGI Heap Overflow (CVE-2008-0047)

The Common Unix Printing System (CUPS) is a modular printing system for Unix-like operating systems that allows a computer to act as a print server. A computer running CUPS is a host that can accept print jobs from client computers, process them, and send them to the appropriate printer. A heap...

9.3 CVSS | 7.7 AI score | 0.06765 EPSS
Exploits 1
Prion
added 2009/12/21 4:30 p.m. | 18 views

Cross site scripting

Multiple cross-site scripting (XSS) vulnerabilities in the administration interface in Horde Application Framework before 3.3.6, Horde Groupware before 1.2.5, and Horde Groupware Webmail Edition before 1.2.5 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to 1...

4.3 CVSS | 5.7 AI score | 0.04832 EPSS
Exploits 8 | References 13 | Affected Software 2
NVD
added 2009/12/21 4:30 p.m. | 20 views

CVE-2009-3701

Multiple cross-site scripting (XSS) vulnerabilities in the administration interface in Horde Application Framework before 3.3.6, Horde Groupware before 1.2.5, and Horde Groupware Webmail Edition before 1.2.5 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to 1...

4.3 CVSS | 5.7 AI score | 0.04832 EPSS
Exploits 8 | References 13
UbuntuCve
added 2009/12/21 4:30 p.m. | 38 views

CVE-2009-3701

Multiple cross-site scripting (XSS) vulnerabilities in the administration interface in Horde Application Framework before 3.3.6, Horde Groupware before 1.2.5, and Horde Groupware Webmail Edition before 1.2.5 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to 1...

4.3 CVSS | 5.9 AI score | 0.04832 EPSS
Exploits 8 | References 1
Cvelist
added 2009/12/21 4:0 p.m. | 38 views

CVE-2009-3701

Multiple cross-site scripting (XSS) vulnerabilities in the administration interface in Horde Application Framework before 3.3.6, Horde Groupware before 1.2.5, and Horde Groupware Webmail Edition before 1.2.5 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to 1...

5.5 AI score | 0.04832 EPSS
Exploits 8 | References 13
CVE
added 2009/12/21 4:0 p.m. | 79 views

CVE-2009-3701

CVE-2009-3701 affects Horde Application Framework before 3.3.6, Horde Groupware before 1.2.5, and Horde Groupware Webmail Edition before 1.2.5. It enables remote XSS via PATH_INFO to admin/phpshell.php, admin/cmdshell.php, or admin/sqlshell.php, related to PHP_SELF. Impact is arbitrary script/HTM...

4.3 CVSS | 5.5 AI score | 0.04832 EPSS
Exploits 8 | References 13 | Affected Software 2
Tenable Nessus
added 2009/11/30 12:0 a.m. | 57 views

Serv-U < 9.1.0.0

According to its banner, the installed version of Serv-U is earlier than 9.1.0.0, and therefore affected by the following issues: - A boundary error in the web administration interface when parsing session cookies can result in a stack-based buffer overflow. CVE-2009-4873 - A boundary error in t...

10 CVSS | 6 AI score | 0.82932 EPSS
Exploits 3 | References 5
Prion
added 2009/07/16 3:30 p.m. | 18 views

Directory traversal

Directory traversal vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to read, modify, or delete arbitrary files via unspecified vectors...

9 CVSS | 6.8 AI score | 0.02399 EPSS
Exploits 0 | References 7 | Affected Software 6
NVD
added 2009/07/16 3:30 p.m. | 20 views

CVE-2009-2048

Cross-site scripting (XSS) vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to inject arbitrary web script or HTML into the CCX database via unspecified...

3.5 CVSS | 5.2 AI score | 0.01019 EPSS
Exploits 0 | References 7
NVD
added 2009/07/16 3:30 p.m. | 19 views

CVE-2009-2047

Directory traversal vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to read, modify, or delete arbitrary files via unspecified vectors...

9 CVSS | 6.2 AI score | 0.02399 EPSS
Exploits 0 | References 7
Prion
added 2009/07/16 3:30 p.m. | 21 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to inject arbitrary web script or HTML into the CCX database via unspecified...

3.5 CVSS | 5.6 AI score | 0.01019 EPSS
Exploits 0 | References 7 | Affected Software 6
CVE
added 2009/07/16 3:0 p.m. | 52 views

CVE-2009-2048

CVE-2009-2048 affects Cisco Unified CCX/CRS Admin pages. The stored cross-site scripting vulnerability allows authenticated users to inject JavaScript into the CCX database via the Administration interface, enabling script execution in the browser of the next authenticated user. Impact details in...

3.5 CVSS | 5.3 AI score | 0.01019 EPSS
Exploits 0 | References 7 | Affected Software 6
CVE
added 2009/07/16 3:0 p.m. | 50 views

CVE-2009-2047

Cisco CVE-2009-2047 pertains to a directory traversal vulnerability in the Administration interface of Cisco Customer Response Solutions (CRS) and Cisco Unified CCX, affecting CRS before 7.0(1) SR2. The flaw allows remote authenticated users to read, modify, or delete arbitrary files on the serve...

9 CVSS | 6.4 AI score | 0.02399 EPSS
Exploits 0 | References 7 | Affected Software 6