7610 matches found
smartermail free 9.2 - Persistent Cross-Site Scripting
!/usr/bin/python ''' Author: loneferret of Offensive Security Product: SmarterMail Version: Free 9.2 Vendor Site: http://www.smartertools.com Software Download: http://smartertools.com/smartermail/mail-server-software.aspx Timeline: 29 May 2012: Vulnerability reported to CERT 30 May 2012: Respons...
ConcourseSuite - Multiple Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities
source: https://www.securityfocus.com/bid/54881/info The ConcourseSuite is prone to a cross-site request-forgery vulnerability and multiple cross-site scripting vulnerabilities. An attacker can exploit these vulnerabilities to execute arbitrary script code in the browser of an unsuspecting user i...
phpList 2.10.18 - 'unconfirmed' Cross-Site Scripting
source: https://www.securityfocus.com/bid/54887/info PHPList is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of th...
PBBoard - admin.php?xml_name Arbitrary PHP Code Execution
PBBoard - admin.php?xmlname Arbitrary PHP Code Execution source: https://www.securityfocus.com/bid/54916/info PBBoard is prone to multiple security vulnerabilities including: 1. Multiple SQL-injection vulnerabilities 2. A security-bypass vulnerability 3. An arbitrary file upload vulnerability...
Opera Multiple Vulnerabilities (Aug 2012) - Windows
Opera is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Opera Multiple Vulnerabilities - August12 (Mac OS X)
This host is installed with Opera and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gboperamultvulnaug12macosx.nasl 5912 2017-04-10 09:01:51Z teissa $ Opera Multiple Vulnerabilities - August12 Mac OS X Authors: Rachana Shetty Copyright: Copyright c 2012 Greenbone Networks...
Opera Multiple Vulnerabilities - August12 (Windows)
This host is installed with Opera and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gboperamultvulnaug12win.nasl 5963 2017-04-18 09:02:14Z teissa $ Opera Multiple Vulnerabilities - August12 Windows Authors: Rachana Shetty Copyright: Copyright c 2012 Greenbone Networks GmbH...
ntop 'arbfile' Parameter XSS Vulnerability
ntop is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
Open Constructor - usersusers.php?keyword Cross-Site Scripting
Open Constructor - usersusers.php?keyword Cross-Site Scripting source: https://www.securityfocus.com/bid/54822/info Open Constructor is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. Exploiting these vulnerabilities could allow an...
Open Constructor - 'confirm.php?q' Cross-Site Scripting
source: https://www.securityfocus.com/bid/54822/info Open Constructor is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. Exploiting these vulnerabilities could allow an attacker to execute arbitrary script code, steal cookie-based...
Open Constructor - confirm.php?q Cross-Site Scripting
Open Constructor - confirm.php?q Cross-Site Scripting source: https://www.securityfocus.com/bid/54822/info Open Constructor is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. Exploiting these vulnerabilities could allow an attacker to...
Open Constructor - datafileedit.php?result Cross-Site Scripting
Open Constructor - datafileedit.php?result Cross-Site Scripting source: https://www.securityfocus.com/bid/54822/info Open Constructor is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. Exploiting these vulnerabilities could allow an...
Elefant CMS - id Cross-Site Scripting
Elefant CMS - id Cross-Site Scripting source: https://www.securityfocus.com/bid/54805/info Elefant CMS is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
ntop - arbfile Cross-Site Scripting
ntop - arbfile Cross-Site Scripting source: https://www.securityfocus.com/bid/54792/info ntop is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting...
Distimo Monitor - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/54757/info Distimo Monitor is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user i...
Temenos T24 R07.03 Cross Site Scripting
TEMENOS T24 R07.03 reflected cross-site scripting Class: Input Validation Error Remote: Yes Local: No Published: 26/06/2012 Credit: Raymond Rizk of Dionach Limited [email protected] Vulnerable: TEMENOS T24 R07.03 TEMENOS T24 is prone to a reflected cross-site scripting vulnerability because it...
Multiple web browsers vulnerable in processing Tranfer-Encoding header
Overview Multiple web browsers contain a vulnerability in processing the Transfer-Encoding header. Multiple web browsers contain a vulnerability in processing the Transfer-Encoding header. When viewing a malicious web site through a proxy server, part of the HTTP response may be misidentified as ...
Scrutinizer 9.0.1.19899 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/54725/info Scrutinizer is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in th...
JVN#90389651: Multiple web browsers vulnerable in processing Tranfer-Encoding header
Multiple web browsers contain a vulnerability in processing the Transfer-Encoding header. When viewing a malicious web site through a proxy server, part of the HTTP response may be misidentified as a response from a different server. Impact An arbitrary script may be executed on the user's web...
JW Player - 'playerready' Cross-Site Scripting
source: https://www.securityfocus.com/bid/54739/info JW Player is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...