16 matches found
EUVD-2016-7067
Malware in sbrugna...
EUVD-2015-0939
Malware in sbrugna...
EUVD-2016-7134
Malware in sbrugna...
EUVD-2012-5279
Malware in sbrugna...
Ektron Content Management System (CMS) Remote Re-enablement User Vulnerability
Ektron Content Management System is an enterprise-level Web content management system from Ektron, Inc. A remote re-enablement user vulnerability exists in Ektron Content Management System CMS version 9.20 SP2, which allows remote attackers to exploit the vulnerability to enable users...
Ektron Content Management System Cross-Site Scripting Vulnerability
Ektron Content Management System is an enterprise-level Web content management system from Ektron, Inc. A cross-site scripting vulnerability exists in the Ektron Content Management System, which can be exploited by remote attackers to inject malicious script or HTML code that can be used to obtai...
CVE-2016-6133
Cross-site scripting XSS vulnerability in Ektron Content Management System before 9.1.0.184SP39.1.0.184.3.127 allows remote attackers to inject arbitrary web script or HTML via the rptStatus parameter in a Report action to WorkArea/SelectUserGroup.aspx...
CVE-2016-6133
CVE-2016-6133 is an XSS vulnerability in Ektron Content Management System (pre-9.1.0.184SP3 / 9.1.0.184.3.127) where an attacker can inject arbitrary script via the rptStatus parameter in WorkArea/SelectUserGroup.aspx. Public details (PacketStorm) show affected version 9.10SP1 (build 9.1.0.184) a...
Ektron Content Management System Cross-Site Scripting Vulnerability
Ektron Content Management System CMS is an enterprise-class Web content management system CMS from Ektron, Inc. The system supports WYSIWYG editors, content layout and drag-and-drop operations. A cross-site scripting vulnerability exists in versions of Ektron CMS prior to 9.1.0.184 SP3...
CVE-2016-6201
Cross-site scripting XSS vulnerability in Ektron Content Management System CMS before 9.1.0.184 SP3 9.1.0.184.3.127 allows remote attackers to inject arbitrary web script or HTML via the ContType parameter in a ViewContentByCategory action to WorkArea/content.aspx...
CVE-2016-6201
CVE-2016-6201 affects Ektron Content Management System (CMS) before 9.1.0.184 SP3. The flaw allows remote attackers to inject arbitrary web script/HTML via the ContType parameter in ViewContentByCategory under WorkArea/content.aspx, i.e., a cross-site scripting (XSS) vector. The vulnerability is ...
CVE-2016-6201
Cross-site scripting XSS vulnerability in Ektron Content Management System CMS before 9.1.0.184 SP3 9.1.0.184.3.127 allows remote attackers to inject arbitrary web script or HTML via the ContType parameter in a ViewContentByCategory action to WorkArea/content.aspx...
Ektron Content Management System Cross-Site Scripting Vulnerability
Ektron Content Management System is an enterprise-level Web content management system. A cross-site scripting vulnerability exists in Test/WorkArea/workarea.aspx in Ektron CMS, which can be exploited by remote attackers to inject malicious script or HTML code, which can be used to obtain sensitiv...
Ektron CMS 9.10 SP1 - CSRF Vulnerability
Vulnerability type: Cross-site Request Forgery Vendor: http://www.ektron.com/ Product: Ektron Content Management System Affected version: = 9.10 SP1 Build 9.1.0.184.1.114 Patched version: 9.10 SP1 Build 9.1.0.184.1.120 CVE ID: CVE-2015-3624 Credit: Jerold Hoong PROOF OF CONCEPT CSRF Cross-site...
Ektron CMS 9.10 SP1 Cross Site Scripting
Vulnerability type: Cross-site Scripting Vendor: http://www.ektron.com/ Product: Ektron Content Management System Affected version: = 9.10 SP1 Build 9.1.0.184.1.102 Patched version: 9.10 SP1 Build 9.1.0.184.1.114 Credit: Jerold Hoong PROOF OF CONCEPT XSS Cross-site scripting XSS vulnerability in...
Ektron CMS 9.10 SP1 Cross Site Request Forgery
Vulnerability type: Cross-site Request Forgery Vendor: http://www.ektron.com/ Product: Ektron Content Management System Affected version: = TIMELINE 07/04/2015: Vulnerability found 07/04/2015: Vendor informed 08/04/2015: Vendor responded and acknowledged - 01/05/2015: MITRE issued CVE numbe...