874 matches found
Cisco Prime Collaboration Assurance Cross-Site Scripting Vulnerability
A vulnerability in the Assurance component of Cisco Prime Collaboration could allow an unauthenticated, remote attacker to conduct several cross-site scripting XSS attacks against the user of the web interface of the affected system. The vulnerability is due to insufficient validation of user...
spider_man
This plugin is a local proxy that can be used to give the framework knowledge about the web application when it has a lot of client side code like Flash or Java applets. Whenever a w3af needs to test an application with flash or javascript, the user should enable this plugin and use a web browser...
PT-2012-1248
Name of the Vulnerable Software and Affected Versions jquery versions prior to 1.9.0 Description The issue is related to the jQuery function not properly differentiating between HTML and selectors, allowing for cross-site scripting attacks. In vulnerable versions, jQuery determines whether the...
Cisco TelePresence Multiple Vulnerabilities - SOS-11-010
Sense of Security - Security Advisory - SOS-11-010 Release Date. 19-Sep-2011 Last Update. - Vendor Notification Date. 21-Feb-2011 Product. Cisco TelePresence Series Platform. Cisco Affected versions. C = TC4.1.2, MXP = F9.1 Severity Rating. Low - Medium Impact. Cookie/credential theft,...
Cisco TelePresence Cookie Theft / Impersonation / Code Execution
Cisco TelePresensce Series suffers from client-side code execution, denial of service, cookie theft, loss of confidentiality, and impersonation vulnerabilities...
Oracle Sun GlassFish Enterprise Server Stored XSS Vulnerability - Security Advisory - SOS-11-009
Sense of Security - Security Advisory - SOS-11-009 Release Date. 19-Jul-2011 Last Update. - Vendor Notification Date. 23-Mar-2011 Product. Oracle Sun GlassFish Enterprise Server Platform. Java EE Affected versions. 2.1.1 v2.1 Patch069.102 Patch12 build b31g-fcs verified and possibly others Severi...
Oracle Sun GlassFish Enterprise Server Stored XSS Vulnerability
Exploit for jsp platform in category web applications Sense of Security - Security Advisory - SOS-11-009 Release Date. 19-Jul-2011 Last Update. - Vendor Notification Date. 23-Mar-2011 Product. Oracle Sun GlassFish Enterprise Server Platform. Java EE Affected versions. 2.1.1 v2.1 Patch069.102...
Oracle Sun GlassFish Enterprise Server Stored XSS Vulnerability
No description provided by source. Sense of Security - Security Advisory - SOS-11-009 Release Date. 19-Jul-2011 Last Update. - Vendor Notification Date. 23-Mar-2011 Product. Oracle Sun GlassFish Enterprise Server Platform. Java EE Affected versions. 2.1.1 v2.1 Patch069.102 Patch12 build b31g-fcs...
phpMyAdmin Client Side Code Injection
PhpMyAdmin Client Side 0Day Code Injection and Redirect Link Falsification Credits: Emanuele 'emgent' Gentili Marco 'whitesheep' Rondini Alessandro 'scox' Scoscia In error.php, PhpMyAdmin permit to insert text and restricted tag, like BBCode. With tag a@url@pageClick Me/a, you can insert your own...
OpenNMS 1.5.96 - Multiple Vulnerabilities
OpenNMS 1.5.96 - Multiple Vulnerabilities OpenNMS Multiple Vulnerabilities -------------------------------- BugSec | Security Advisory Moshe Ben-Abu | Security Expert Advisory URL PDF: http://www.bugsec.com/upfiles/OpenNMSMultipleVulnerabilities.pdf Vendor ------ OpenNMS Group –...
SECOBJADV-2008-03.2: PartyGaming PartyPoker Malicious Update Vulnerability
====================================================================== = Security Objectives Advisory SECOBJADV-2008-03.2 = ====================================================================== PartyGaming PartyPoker Malicious Update Vulnerability...
Debian Security Advisory DSA 1554-2 (roundup)
The remote host is missing an update to roundup announced via advisory DSA 1554-2. OpenVAS Vulnerability Test $Id: deb15542.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1554-2 roundup Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
[SECURITY] [DSA 1554-2] New roundup packages fix regression
------------------------------------------------------------------------ Debian Security Advisory DSA-1554-2 [email protected] http://www.debian.org/security/ Thijs Kinkhorst May 06, 2008 http://www.debian.org/security/faq -...
ListManager < 9.3b / 9.2c / 8.95d Multiple Vulnerabilities
The remote host is running ListManager, a web-based commercial mailing list management application from Lyris. According to its banner, the version of ListManager installed on the remote host relies on client-side code to validate unspecified form parameters before processing them. An attacker wh...