Cross-Site Scripting (XSS) vulnerability in gpEasy

Advisory ID: HTB23137 Product: gpEasy Vendor: gpeasy Vulnerable Versions: 3.5.2 and probably prior Tested Version: 3.5.2 Vendor Notification: January 2, 2013 Vendor Patch: January 2, 2013 Public Disclosure: January 23, 2013 Vulnerability Type: Cross-Site Scripting CWE-79 CVE Reference:...

phlyLabs phlyMail Lite 4.03.04 Path Disclosure and Stored XSS Vulnerabilities

Summary phlyMail offers you an interface in the browser to have access to your emails, contacts, appointments, tasks, files and bookmakrs from anyhwere, where you have internet access. This can be your home, workplace, train station, abroad, offroad, in the woods or your own backyard. Description...

MS System Center Operations Manager XSS Vulnerabilities (2748552)

This host is missing an important security update according to Microsoft Bulletin MS13-003. OpenVAS Vulnerability Test $Id: secpodms13-003.nasl 6520 2017-07-04 14:28:49Z cfischer $ MS System Center Operations Manager XSS Vulnerabilities 2748552 Authors: Rachana Shetty Copyright: Copyright c 2013...

WordPress Rokbox Plugin Multiple Vulnerabilities

WordPress Rokbox Plugin is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress...

Axis Commerce 0.8.7.2 Cross Site Scripting Vulnerability

Axis Commerce version 0.8.7.2 suffers from multiple stored cross site scripting vulnerabilities. Axis Commerce 0.8.7.2 Remote Script Insertion Vulnerabilities alert'XSS';", "base":"TESTSTRING",...

Zoho ManageEngine Support Center Plus Multiple Vulnerabilities

This host is running Zoho ManageEngine Support Center Plus and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmanageenginesupportcenterplusmultvuln.nasl 5988 2017-04-20 09:02:29Z teissa $ Zoho ManageEngine Support Center Plus Multiple Vulnerabilities Authors: Antu Sanadi...

Oracle Identity Management 10g Cross Site Scripting

Exploit for multiple platform in category web applications Oracle Identity Management 10g username XSS POST Injection Vulnerability /head...

LogAnalyzer index.php 'filter' Parameter XSS

The LogAnalyzer install hosted on the remote web server is affected by a cross-site scripting vulnerability due to a failure to properly sanitize user input to the 'filter' parameter of the 'index.php' script. An attacker can exploit this issue to inject arbitrary HTML and script code into a user...

Microsoft System Center Configuration Manager XSS Vulnerability (2741528)

This host is missing an important security update according to Microsoft Bulletin MS12-062. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft Visual Studio Team Foundation Server Privilege Elevation Vulnerability (2719584)

This host is missing an important security update according to Microsoft Bulletin MS12-061. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

xt:Commerce VEYTON 4.0.15 (products_name_de) Script Insertion Vulnerability

Exploit for php platform in category web applications xt:Commerce VEYTON 4.0.15 productsnamede Script Insertion Vulnerability form name="XSS" method="POST"...

LabWiki Multiple Cross Site Scripting (XSS) Vulnerabilities

LabWiki is prone to multiple cross site scripting vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SiNG cms 2.9.0 (email) Remote XSS POST Injection Vulnerability

Summary SiNG cms is a free modular Content Management System open source, based on a bunch of PHP / MySQL and intended use of the web server Apache. Description The application is prone to a reflected cross-site scripting vulnerability due to a failure to properly sanitize user-supplied input to...

FreeBSD : Dokuwiki -- XSS vulnerability (2fe4b57f-d110-11e1-ac76-10bf48230856)

Secunia Research reports : Secunia Research has discovered a vulnerability in DokuWiki, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the 'ns' POST parameter in lib/exe/ajax.php when 'call' is set to 'medialist' and 'do' is set to 'media' is n...

PHP Address Book Multiple Cross Site Scripting Vulnerabilities

This host is running PHP Address Book and is prone to multiple cross site scripting vulnerabilities. OpenVAS Vulnerability Test $Id: secpodphpaddressbookmultxssvuln.nasl 5950 2017-04-13 09:02:06Z teissa $ PHP Address Book Multiple Cross Site Scripting Vulnerabilities Authors: Sooraj KS Copyright:...

WordPress Sharebar Plugin SQLi / XSS Vulnerabilities

The WordPress plugin SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress"; ifdescription...

phpThumb() v1.7.11 (dir & title) Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications phpThumb v1.7.11 dir & title Cross-Site Scripting Vulnerability Vendor: SiliSoftware Product web page: http://www.silisoftware.com Affected version: 1.7.11-201108081537 Summary: phpThumb uses the GD library to create thumbnails from images JPE...

Oracle GlassFish Server Multiple XSS and CSRF Vulnerabilities

This host is running Oracle GlassFish Server and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gboracleglassfishservermultvuln.nasl 5956 2017-04-14 09:02:12Z teissa $ Oracle GlassFish Server Multiple XSS and CSRF Vulnerabilities Authors: Sooraj KS Copyright: Copyright c 20...

WordPress Zingiri Web Shop Plugin Multiple Cross Site Scripting Vulnerabilities

WordPress Zingiri Web Shop Plugin is prone to multiple cross site scripting vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CP...

Multiple vulnerabilities in Pligg CMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Pligg CMS , which can be exploited to perform Cross-Site Scripting XSS and Local File Inclusion attacks. 1 Multiple Cross-Site Scripting XSS in Pligg CMS: CVE-2012-2436 1.1 Input passed via the arbitrary any GET...