McAfee ePolicy Orchestrator (ePO) Multiple Vulnerabilities-02 (Aug 2013)

McAfee ePolicy Orchestrator is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

PT-2013-83: Arbitrary HTML Injection in Siemens SIMATIC S7-1500 CPU PLC

The specialists of the Positive Research center have detected an Arbitrary HTML Injection vulnerability in Siemens SIMATIC S7-1500 CPU PLC. The integrated web server port 80/tcp and port 443/tcp of the affected device might allow attackers to inject HTML headers. How to fix Update your firmware u...

FluxBB 1.5.3 - Multiple Vulnerabilities

Exploit for php platform in category web applications !-- FluxBB 1.5.3 Multiple Remote Vulnerabilities Vendor: FluxBB Product web page: http://www.fluxbb.org Affected version: 1.5.3 Summary: FluxBB is fast, light, user-friendly forum software for your website. Desc: FluxBB suffers from a cross-si...

Cisco Unified Operations Manager HTTP Header Injection Vulnerability

A vulnerability in Cisco Unified Operations Manager could allow an unauthenticated, remote attacker to cause arbitrary HTML or scripts to be executed in a user's browser. The vulnerability is due to a failure to properly validate application URLs. An attacker could exploit this vulnerability by...

Apple Safari Webkit Multiple Vulnerabilities - June13 (Mac OS X)

The host is installed with Apple Safari web browser and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbapplesafariwebkitmultvulnjun13macosx.nasl 6079 2017-05-08 09:03:33Z teissa $ Apple Safari Webkit Multiple Vulnerabilities - June13 Mac OS X Authors: Thanga Prakash S...

Microsoft InfoPath HTML Sanitisation Component XSS Vulnerability (2821818)

This host is missing an important security update according to Microsoft Bulletin MS13-035. OpenVAS Vulnerability Test $Id: secpodofficeinfopathms13-035.nasl 5339 2017-02-18 16:28:22Z cfi $ Microsoft InfoPath HTML Sanitisation Component XSS Vulnerability 2821818 Authors: Antu Sanadi Copyright:...

CKEditor sample_posteddata.php XSS

The version of the CKEditor installed on the remote host is affected by a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input to the 'sampleposteddata.php' script. An unauthenticated, remote attacker may be able to leverage this to inject arbitrary HTML an...

Multiple Vulnerabilities in KrisonAV CMS

High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in KrisonAV CMS, which can be exploited to perform cross-site scripting and cross-site request forgery attacks. 1 Cross-Site Scripting XSS vulnerability in KrisonAV CMS: CVE-2013-2712 The vulnerability exists due to...

IBM Lotus Domino HTTP Server Multiple Vulnerabilities

Lotus Domino HTTP Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ibm:lotusdomino";...

Wordpress WP Banners Lite Plugin Cross Site Scripting Vulnerability

This host is installed with Wordpress WP Banners Lite Plugin and is prone to xss vulnerability. OpenVAS Vulnerability Test $Id: gbwordpresswpbannerslitexssvuln.nasl 6086 2017-05-09 09:03:30Z teissa $ Wordpress WP Banners Lite Plugin Cross Site Scripting Vulnerability Authors: Thanga Prakash S...

WordPress MailUp Plugin Multiple Vulnerabilities

WordPress MailUp Plugin is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

WordPress WP Banners Lite Plugin Cross Site Scripting Vulnerability

WordPress WP Banners Lite Plugin is prone to an XSS vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Jaow CMS <= 2.4.8 XSS Vulnerability

Jaow CMS is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 2651-1 (smokeping - cross-site scripting vulnerability)

A cross-site scripting vulnerability was discovered in smokeping, a latency logging and graphing system. Input passed to the displaymode parameter was not properly sanitized. An attacker could use this flaw to execute arbitrary HTML and script code in a user's browser session in the context of an...

Asteriskguru Queue Statistics Cross Site Scripting

============================================= INTERNET SECURITY AUDITORS ALERT 2013-002 - Original release date: January 22nd, 2013 - Last revised: March 10th, 2013 - Discovered by: Manuel Garcia Cardenas - Severity: 4,8/10 CVSS Base Score ============================================= I...

Stoneware webNetwork Multiple Cross-Site Scripting Vulnerabilities

Stoneware webNetwork is prone to multiple cross-site scripting vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MTP Guestbook 1.0 - Multiple XSS Vulnerabilities

Exploit for php platform in category web applications MTP Guestbook 1.0 Multiple Remote Script Insertion Vulnerabilities alert1;' / form method="POST" action="http://localhost/mtpguestbook/inse...

LogAnalyzer userchange.php 'viewid' Parameter XSS

The LogAnalyzer install hosted on the remote web server is affected by a cross-site scripting vulnerability due to a failure to properly sanitize user input to the 'viewid' parameter of the 'userchange.php' script. An attacker can exploit this issue to inject arbitrary HTML and script code into a...

Dell OpenManage Server Administrator Multiple XSS Vulnerabilities

Dell OpenManage Server Administrator is prone to multiple cross site scripting vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Multiple Cross-Site Scripting (XSS) in glFusion

High-Tech Bridge Security Research Lab discovered multiple XSS vulnerabilities in glFusion, which can be exploited to perform Cross-Site Scripting attacks. glFusion has a "badbehaviour" plugin installed by default that verifies HTTP Referer, aimed to protect against spambots. The plugin also make...